PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:cloud:openstack:mitaka:install-openstack-mitaka-all-in-one-1:install-openstack-mitaka-all-in-one-1

Install Openstack Mitaka All In One: 1

System Architecture

Parameter Sheet

Key1 Key2 Value Remarks
IPv4 ens33 192.168.200.134
IPv4 ens38 192.168.1.121
Common password password1234
#
export WELL_KNOWN_PASSWORD=password1234
#
export OS_TOKEN=012c3690a3486a210193
export OS_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
/root/admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=password1234
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
/root/demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=password1234
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

VM Configuration

Utilize

Make sure Ubuntu Server already up to date.

sudo apt -y update && sudo apt -y upgrade --auto-remove && sudo systemctl reboot
cat <<EOF >/etc/sudoers.d/wnoguchi
wnoguchi ALL=(ALL) NOPASSWD:ALL
EOF
chmod 400 /etc/sudoers.d/wnoguchi
/usr/local/bin/terminal-logging
log_archive_directory=$HOME/logs/term
[ ! -d "$HOME/logs/term" ] && mkdir -p $log_archive_directory
 
log_archive_directory=$HOME/logs/term;script ${log_archive_directory}/$(date +%Y%m%d_%H%M%S)_$(whoami).log
wnoguchi@ubuntu:~$ sudo vim /usr/local/bin/terminal-logging
wnoguchi@ubuntu:~$ sudo chmod 755 /usr/local/bin/terminal-logging
sudo update-alternatives --config editor
sudo select-editor
wnoguchi@ubuntu:~$ sudo update-alternatives --config editor
There are 4 choices for the alternative editor (providing /usr/bin/editor).

  Selection    Path                Priority   Status
------------------------------------------------------------
* 0            /bin/nano            40        auto mode
  1            /bin/ed             -100       manual mode
  2            /bin/nano            40        manual mode
  3            /usr/bin/vim.basic   30        manual mode
  4            /usr/bin/vim.tiny    10        manual mode

Press <enter> to keep the current choice[*], or type selection number: 3
There are 4 choices for the alternative editor (providing /usr/bin/editor).

  Selection    Path                Priority   Status
------------------------------------------------------------
* 0            /bin/nano            40        auto mode
  1            /bin/ed             -100       manual mode
  2            /bin/nano            40        manual mode
  3            /usr/bin/vim.basic   30        manual mode
  4            /usr/bin/vim.tiny    10        manual mode

Press <enter> to keep the current choice[*], or type selection number: 3
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/editor (editor) in manual mode
wnoguchi@ubuntu:~$ sudo select-editor

Select an editor.  To change later, run 'select-editor'.
  1. /bin/ed
  2. /bin/nano        <---- easiest
  3. /usr/bin/vim.basic
  4. /usr/bin/vim.tiny

Choose 1-4 [2]: 3

Configure Networking

root@ubuntu:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.134/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:7780/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:9e:77:8a brd ff:ff:ff:ff:ff:ff
wnoguchi@ubuntu:~$ terminal-logging
Script started, file is /home/wnoguchi/logs/term/20180417_071103_wnoguchi.log
wnoguchi@ubuntu:~$ sudo cp -p /etc/network/interfaces{,.`date +%Y%m%d%H%M%S`}
wnoguchi@ubuntu:~$ ls -l /etc/network/interfaces.*
-rw-r--r-- 1 root root  306 Apr 16 09:37 /etc/network/interfaces.20180417071440

/etc/network/interfaces.d:
total 0
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto ens33
iface ens33 inet dhcp
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto ens33
iface ens33 inet static
address 192.168.200.134
netmask 255.255.255.0
gateway 192.168.200.1
dns-nameservers 192.168.200.2
 
auto ens38
iface ens38 inet static
address 192.168.1.121
netmask 255.255.255.0
wnoguchi@ubuntu:~$ diff -u /etc/network/interfaces{.20180417071440,}
--- /etc/network/interfaces.20180417071440      2018-04-16 09:37:11.229457994 +0900
+++ /etc/network/interfaces     2018-04-17 07:35:55.934788918 +0900
@@ -9,4 +9,14 @@

 # The primary network interface
 auto ens33
-iface ens33 inet dhcp
+iface ens33 inet static
+address 192.168.200.134
+netmask 255.255.255.0
+gateway 192.168.200.1
+dns-nameservers 192.168.200.2
+
+auto ens38
+iface ens38 inet static
+address 192.168.1.121
+netmask 255.255.255.0
+
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service
wnoguchi@ubuntu:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.134/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:7780/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:778a/64 scope link
       valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.200.2
search localdomain
wnoguchi@ubuntu:~$ ping www.google.com -c2
PING www.google.com (172.217.161.196) 56(84) bytes of data.

--- www.google.com ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1003ms

wnoguchi@ubuntu:~$ ip ro
default via 192.168.200.1 dev ens33 onlink
192.168.1.0/24 dev ens38  proto kernel  scope link  src 192.168.1.121
192.168.200.0/24 dev ens33  proto kernel  scope link  src 192.168.200.134
wnoguchi@ubuntu:~$ ping 192.168.200.2
PING 192.168.200.2 (192.168.200.2) 56(84) bytes of data.
64 bytes from 192.168.200.2: icmp_seq=1 ttl=128 time=0.069 ms
64 bytes from 192.168.200.2: icmp_seq=2 ttl=128 time=0.227 ms
^C
--- 192.168.200.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1005ms
rtt min/avg/max/mdev = 0.069/0.148/0.227/0.079 ms
wnoguchi@ubuntu:~$ ping 192.168.200.1
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data.
64 bytes from 192.168.200.1: icmp_seq=1 ttl=128 time=0.367 ms
64 bytes from 192.168.200.1: icmp_seq=2 ttl=128 time=0.542 ms
^C
--- 192.168.200.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1011ms
rtt min/avg/max/mdev = 0.367/0.454/0.542/0.090 ms
wnoguchi@ubuntu:~$ ping 8.8.8.8 -c2
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1001ms

Internet unreachable. revert this.

wnoguchi@ubuntu:~$ sudo cp -p /etc/network/interfaces.20180417071440 /etc/network/interfaces
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service
wnoguchi@ubuntu:~$ ip ro
default via 192.168.200.2 dev ens33
192.168.1.0/24 dev ens38  proto kernel  scope link  src 192.168.1.121
192.168.200.0/24 dev ens33  proto kernel  scope link  src 192.168.200.134
wnoguchi@ubuntu:~$  ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.134/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:7780/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:778a/64 scope link
       valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ ping 8.8.8.8 -c1
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=10.3 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 10.348/10.348/10.348/0.000 ms
wnoguchi@ubuntu:~$ ping www.google.co.jp -c1
PING www.google.co.jp (172.217.161.227) 56(84) bytes of data.
64 bytes from kix06s05-in-f3.1e100.net (172.217.161.227): icmp_seq=1 ttl=128 time=20.1 ms

--- www.google.co.jp ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 20.188/20.188/20.188/0.000 ms

seems different routing table.

/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto ens33
iface ens33 inet static
address 192.168.200.134
netmask 255.255.255.0
gateway 192.168.200.2
dns-nameservers 192.168.200.2
 
auto ens38
iface ens38 inet static
address 192.168.1.121
netmask 255.255.255.0
wnoguchi@ubuntu:~$ diff -u /etc/network/interfaces{.20180417071440,}
--- /etc/network/interfaces.20180417071440      2018-04-16 09:37:11.229457994 +0900
+++ /etc/network/interfaces     2018-04-17 07:59:38.541384259 +0900
@@ -9,4 +9,14 @@

 # The primary network interface
 auto ens33
-iface ens33 inet dhcp
+iface ens33 inet static
+address 192.168.200.134
+netmask 255.255.255.0
+gateway 192.168.200.2
+dns-nameservers 192.168.200.2
+
+auto ens38
+iface ens38 inet static
+address 192.168.1.121
+netmask 255.255.255.0
+
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service

something wrong. reboot.

wnoguchi@ubuntu:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:80 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.134/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:7780/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:9e:77:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9e:778a/64 scope link
       valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ ip route
default via 192.168.200.2 dev ens33 onlink
192.168.1.0/24 dev ens38  proto kernel  scope link  src 192.168.1.121
192.168.200.0/24 dev ens33  proto kernel  scope link  src 192.168.200.134
wnoguchi@ubuntu:~$ ping 8.8.8.8 -c2
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=11.8 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=128 time=10.2 ms

--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 10.244/11.033/11.822/0.789 ms
wnoguchi@ubuntu:~$ ping www.google.co.jp -c2
PING www.google.co.jp (172.217.161.227) 56(84) bytes of data.
64 bytes from kix06s05-in-f3.1e100.net (172.217.161.227): icmp_seq=1 ttl=128 time=16.6 ms
64 bytes from kix06s05-in-f3.1e100.net (172.217.161.227): icmp_seq=2 ttl=128 time=17.0 ms

--- www.google.co.jp ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1005ms
rtt min/avg/max/mdev = 16.607/16.842/17.077/0.235 ms

Snapshot. Ubuntu Networking Configuration

Host Name, hosts configuration

root@ubuntu:~# hostnamectl set-hostname controller
root@ubuntu:~# hostname
controller
/etc/hosts
127.0.0.1       localhost
127.0.1.1       ubuntu
 
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/hosts
127.0.0.1       localhost
127.0.1.1       ubuntu
 
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
 
192.168.200.134 controller.mitaka.openstack.pg1x.internal controller
root@ubuntu:~# ping controller -c1
PING controller.mitaka.openstack.pg1x.internal (192.168.200.134) 56(84) bytes of data.
64 bytes from controller.mitaka.openstack.pg1x.internal (192.168.200.134): icmp_seq=1 ttl=64 time=0.077 ms

--- controller.mitaka.openstack.pg1x.internal ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.077/0.077/0.077/0.000 ms

NTP configuration

root@ubuntu:~# apt-get install -y chrony
root@ubuntu:~# cp -p /etc/chrony/chrony.conf{,.`date +%Y%m%d%H%M%S`}
root@ubuntu:~# ls -l /etc/chrony/chrony.conf*
-rw-r--r-- 1 root root 2971 Nov 19  2015 /etc/chrony/chrony.conf
-rw-r--r-- 1 root root 2971 Nov 19  2015 /etc/chrony/chrony.conf.20180417082231
/etc/chrony/chrony.conf
server ntp.nict.jp iburst
root@ubuntu:~# diff -u /etc/chrony/chrony.conf{.20180417082231,}
--- /etc/chrony/chrony.conf.20180417082231      2015-11-19 03:51:35.000000000 +0900
+++ /etc/chrony/chrony.conf     2018-04-17 08:24:14.679282257 +0900
@@ -17,7 +17,8 @@
 # fails they will be discarded.  Thus under some circumstances it is
 # better to use IP numbers than host names.

-pool 2.debian.pool.ntp.org offline iburst
+#pool 2.debian.pool.ntp.org offline iburst
+server ntp.nict.jp iburst

 # Look here for the admin password needed for chronyc.  The initial
 # password is generated by a random process at install time.  You may
root@ubuntu:~# systemctl restart chrony
root@ubuntu:~# systemctl status chrony
● chrony.service - LSB: Controls chronyd NTP time daemon
   Loaded: loaded (/etc/init.d/chrony; bad; vendor preset: enabled)
   Active: active (running) since Tue 2018-04-17 08:25:31 JST; 894ms ago
     Docs: man:systemd-sysv-generator(8)
  Process: 2448 ExecStop=/etc/init.d/chrony stop (code=exited, status=0/SUCCESS)
  Process: 2457 ExecStart=/etc/init.d/chrony start (code=exited, status=0/SUCCESS)
    Tasks: 1
   Memory: 404.0K
      CPU: 26ms
   CGroup: /system.slice/chrony.service
           └─2464 /usr/sbin/chronyd

Apr 17 08:25:29 controller systemd[1]: Starting LSB: Controls chronyd NTP time daemon...
Apr 17 08:25:29 controller chronyd[2464]: chronyd version 2.1.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP -DEBUG +ASYNCDNS +IPV6 +SE
Apr 17 08:25:29 controller chronyd[2464]: Frequency -2318.832 +/- 93.998 ppm read from /var/lib/chrony/chrony.drift
Apr 17 08:25:31 controller chrony[2457]: chronyd is running and online.
Apr 17 08:25:31 controller systemd[1]: Started LSB: Controls chronyd NTP time daemon.
root@ubuntu:~# chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp-a2.nict.go.jp             1   6    17    40   +191us[  -84us] +/- 5260us

Take Snapshot NTP

Repository and Package Update

root@controller:~# apt-get install -y software-properties-common
root@controller:~# apt-get update && apt-get dist-upgrade -y

if already up to date, not need to reboot.

reboot

install OpenStack client commands.

root@controller:~# apt-get install -y python-openstackclient

Take Snapshot Install OpenStack Client

KVM Environment

root@controller:~# apt-get install -y qemu-kvm libvirt-bin virtinst bridge-utils
root@controller:~# systemctl status libvirt-bin
● libvirt-bin.service - Virtualization daemon
   Loaded: loaded (/lib/systemd/system/libvirt-bin.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-04-17 08:41:34 JST; 12s ago
     Docs: man:libvirtd(8)
           http://libvirt.org
 Main PID: 5574 (libvirtd)
   CGroup: /system.slice/libvirt-bin.service
           ├─5574 /usr/sbin/libvirtd
           ├─5942 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir
           └─5943 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir

Apr 17 08:41:34 controller systemd[1]: Started Virtualization daemon.
Apr 17 08:41:45 controller dnsmasq[5942]: started, version 2.75 cachesize 150
Apr 17 08:41:45 controller dnsmasq[5942]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth
Apr 17 08:41:45 controller dnsmasq-dhcp[5942]: DHCP, IP range 192.168.122.2 -- 192.168.122.254, lease time 1h
Apr 17 08:41:45 controller dnsmasq-dhcp[5942]: DHCP, sockets bound exclusively to interface virbr0
Apr 17 08:41:45 controller dnsmasq[5942]: reading /etc/resolv.conf
Apr 17 08:41:45 controller dnsmasq[5942]: using nameserver 192.168.200.2#53
Apr 17 08:41:45 controller dnsmasq[5942]: read /etc/hosts - 6 addresses
Apr 17 08:41:45 controller dnsmasq[5942]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Apr 17 08:41:45 controller dnsmasq-dhcp[5942]: read /var/lib/libvirt/dnsmasq/default.hostsfile

Take Snapshot Install KVM Environment

Create Database

OpenStack Docs: SQL database

root@controller:~# apt-get install -y mariadb-server python-pymysql

create

/etc/mysql/conf.d/openstack.cnf
[mysqld]
default-storage-engine = innodb
innodb_file_per_table
#max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
root@controller:~# cp -p /etc/mysql/mariadb.conf.d/50-server.cnf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# vim /etc/mysql/mariadb.conf.d/50-server.cnf
root@controller:~# ls -l /etc/mysql/mariadb.conf.d/50-server.cnf*
-rw-r--r-- 1 root root 3517 Apr 17 09:06 /etc/mysql/mariadb.conf.d/50-server.cnf
-rw-r--r-- 1 root root 3492 Mar  6 18:15 /etc/mysql/mariadb.conf.d/50-server.cnf.20180417090414
root@controller:~# diff -u /etc/mysql/mariadb.conf.d/50-server.cnf{.20180417090414,}
--- /etc/mysql/mariadb.conf.d/50-server.cnf.20180417090414      2018-03-06 18:15:56.000000000 +0900
+++ /etc/mysql/mariadb.conf.d/50-server.cnf     2018-04-17 09:06:25.256141298 +0900
@@ -10,6 +10,7 @@

 # this is only for the mysqld standalone daemon
 [mysqld]
+bind-address = 192.168.200.134

 #
 # * Basic Settings
@@ -102,8 +103,8 @@
 # MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
 # utf8 4-byte character set. See also client.cnf
 #
-character-set-server  = utf8mb4
-collation-server      = utf8mb4_general_ci
+character-set-server  = utf8
+collation-server      = utf8_general_ci

 #
 # * Unix socket authentication plugin is built-in since 10.0.22-6
/etc/mysql/mariadb.conf.d/50-client.cnf
[client]
# Default is Latin1, if you need UTF-8 set this (also in server section)
default-character-set = utf8mb4

change to

/etc/mysql/mariadb.conf.d/50-client.cnf
[client]
# Default is Latin1, if you need UTF-8 set this (also in server section)
default-character-set = utf8
/etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
[mysql]
# Default is Latin1, if you need UTF-8 set this (also in server section)
default-character-set = utf8mb4

change to

/etc/mysql/mariadb.conf.d/50-mysql-clients.cnf
[mysql]
# Default is Latin1, if you need UTF-8 set this (also in server section)
default-character-set = utf8
root@controller:~# systemctl restart mysql
root@controller:~# systemctl status mysql
● mysql.service - LSB: Start and stop the mysql database server daemon
   Loaded: loaded (/etc/init.d/mysql; bad; vendor preset: enabled)
   Active: active (running) since Tue 2018-04-17 09:08:49 JST; 1s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 4117 ExecStop=/etc/init.d/mysql stop (code=exited, status=0/SUCCESS)
  Process: 4153 ExecStart=/etc/init.d/mysql start (code=exited, status=0/SUCCESS)
    Tasks: 26
   Memory: 48.2M
      CPU: 549ms
   CGroup: /system.slice/mysql.service
           ├─4183 /bin/bash /usr/bin/mysqld_safe
           ├─4342 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --skip-log-erro
           └─4343 logger -t mysqld -p daemon error

Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] InnoDB: Highest supported file format is Barracuda.
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] InnoDB: 128 rollback segment(s) are active.
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] InnoDB: Waiting for purge to start
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] InnoDB:  Percona XtraDB (http://www.percona.com) 5.6.36-83.0 started; log
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] Plugin 'FEEDBACK' is disabled.
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] Server socket created on IP: '127.0.0.1'.
Apr 17 09:08:48 controller mysqld[4343]: 180417  9:08:48 [Note] /usr/sbin/mysqld: ready for connections.
Apr 17 09:08:48 controller mysqld[4343]: Version: '10.0.34-MariaDB-0ubuntu0.16.04.1'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  U
Apr 17 09:08:49 controller mysql[4153]:    ...done.
Apr 17 09:08:49 controller systemd[1]: Started LSB: Start and stop the mysql database server daemon.
root@controller:~# systemctl enable mysql
mysql.service is not a native service, redirecting to systemd-sysv-install
Executing /lib/systemd/systemd-sysv-install enable mysql

password1234

root@controller:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] n
 ... skipping.

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
root@controller:~# mysqladmin -u root password
New password: password1234
Confirm new password: password1234

check database status.

root@controller:~# mysql -u root -ppassword1234
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 39
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> select user,host,password from mysql.user;
+------+-----------+-------------------------------------------+
| user | host      | password                                  |
+------+-----------+-------------------------------------------+
| root | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
+------+-----------+-------------------------------------------+
1 row in set (0.00 sec)

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)

MariaDB [(none)]> exit
Bye

Take Snapshot Create Database

Install RabbitMQ

OpenStack Docs: Message queue

root@controller:~# apt-get install -y rabbitmq-server
root@controller:~# cp /lib/systemd/system/rabbitmq-server.service /etc/systemd/system/
root@controller:~# vim /etc/systemd/system/rabbitmq-server.service
root@controller:~# diff -u /lib/systemd/system/rabbitmq-server.service /etc/systemd/system/rabbitmq-server.service
--- /lib/systemd/system/rabbitmq-server.service 2016-01-18 23:05:55.000000000 +0900
+++ /etc/systemd/system/rabbitmq-server.service 2018-04-17 20:38:06.335629042 +0900
@@ -10,6 +10,8 @@
 ExecStart=/usr/sbin/rabbitmq-server
 ExecStartPost=/usr/lib/rabbitmq/bin/rabbitmq-server-wait
 ExecStop=/usr/sbin/rabbitmqctl stop
+TimeoutStartSec=900
+TimeoutStopSec=900

 [Install]
 WantedBy=multi-user.target

Difference only.

/etc/systemd/system/rabbitmq-server.service
[Service]
TimeoutStartSec=900
TimeoutStopSec=900
root@controller:~# cp -p /etc/rabbitmq/rabbitmq-env.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/rabbitmq/rabbitmq-env.conf*
-rw-r--r-- 1 rabbitmq rabbitmq 535 Apr 17 09:21 /etc/rabbitmq/rabbitmq-env.conf
-rw-r--r-- 1 rabbitmq rabbitmq 535 Apr 17 09:21 /etc/rabbitmq/rabbitmq-env.conf.20180417204946
root@controller:~# vim /etc/rabbitmq/rabbitmq-env.conf
root@controller:~# diff -u /etc/rabbitmq/rabbitmq-env.conf{.*,}
--- /etc/rabbitmq/rabbitmq-env.conf.20180417204946      2018-04-17 09:21:02.617125933 +0900
+++ /etc/rabbitmq/rabbitmq-env.conf     2018-04-17 20:54:44.174771930 +0900
@@ -2,12 +2,13 @@
 # per machine - RABBITMQ_NODENAME should be unique per erlang-node-and-machine
 # combination. See the clustering on a single machine guide for details:
 # http://www.rabbitmq.com/clustering.html#single-machine
-#NODENAME=rabbit
+NODENAME=controller

 # By default RabbitMQ will bind to all interfaces, on IPv4 and IPv6 if
 # available. Set this if you only want to bind to one network interface or#
 # address family.
-#NODE_IP_ADDRESS=127.0.0.1
+NODE_IP_ADDRESS=192.168.200.134

 # Defaults to 5672.
-#NODE_PORT=5672
+NODE_PORT=5672
+
/etc/rabbitmq/rabbitmq-env.conf
# Defaults to rabbit. This can be useful if you want to run more than one node
# per machine - RABBITMQ_NODENAME should be unique per erlang-node-and-machine
# combination. See the clustering on a single machine guide for details:
# http://www.rabbitmq.com/clustering.html#single-machine
NODENAME=controller
 
# By default RabbitMQ will bind to all interfaces, on IPv4 and IPv6 if
# available. Set this if you only want to bind to one network interface or#
# address family.
NODE_IP_ADDRESS=192.168.200.134
 
# Defaults to 5672.
NODE_PORT=5672

Restart RabbitMQ Service.

root@controller:~# systemctl daemon-reload
root@controller:~# systemctl restart rabbitmq-server
root@controller:~# systemctl status rabbitmq-server
● rabbitmq-server.service - RabbitMQ Messaging Server
   Loaded: loaded (/etc/systemd/system/rabbitmq-server.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-04-17 20:58:48 JST; 1s ago
  Process: 11817 ExecStop=/usr/sbin/rabbitmqctl stop (code=exited, status=2)
  Process: 11911 ExecStartPost=/usr/lib/rabbitmq/bin/rabbitmq-server-wait (code=exited, status=0/SUCCESS)
 Main PID: 11910 (rabbitmq-server)
    Tasks: 82
   Memory: 48.9M
      CPU: 2.329s
   CGroup: /system.slice/rabbitmq-server.service
           ├─11910 /bin/sh /usr/sbin/rabbitmq-server
           ├─11920 /bin/sh -e /usr/lib/rabbitmq/bin/rabbitmq-server
           ├─11994 /usr/lib/erlang/erts-7.3/bin/epmd -daemon
           ├─12057 /usr/lib/erlang/erts-7.3/bin/beam.smp -W w -A 64 -P 1048576 -K true -B i -- -root /usr/lib/erlang -progname erl -- -hom
           ├─12174 inet_gethost 4
           └─12175 inet_gethost 4

Apr 17 20:58:47 controller systemd[1]: Starting RabbitMQ Messaging Server...
Apr 17 20:58:47 controller rabbitmq[11911]: Waiting for controller@controller ...
Apr 17 20:58:47 controller rabbitmq[11911]: pid is 11920 ...
Apr 17 20:58:48 controller systemd[1]: Started RabbitMQ Messaging Server.

Configure RabbitMQ Privileges and Password

root@controller:~# rabbitmqctl add_user openstack $WELL_KNOWN_PASSWORD
Creating user "openstack" ...

Add privilege to created user.
“.*” “.*” “.*” means

  1. Write
  2. Read
  3. Configuration
root@controller:~# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

Take Snapshot RabbitMQ

Configure memcached

OpenStack Docs: Memcached

root@controller:~# apt-get install -y memcached python-memcache
root@controller:~# cp -p /etc/memcached.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/memcached.conf*
-rw-r--r-- 1 root root 1427 Apr 18 07:56 /etc/memcached.conf
-rw-r--r-- 1 root root 1427 Apr 18 07:56 /etc/memcached.conf.20180418075709
root@controller:~# vim /etc/memcached.conf
root@controller:~# diff -u /etc/memcached.conf{.*,}
--- /etc/memcached.conf.20180418075709  2018-04-18 07:56:02.745046088 +0900
+++ /etc/memcached.conf 2018-04-18 07:59:48.102608012 +0900
@@ -32,7 +32,7 @@
 # Specify which IP address to listen on. The default is to listen on all IP addresses
 # This parameter is one of the only security measures that memcached has, so make sure
 # it's listening on a firewalled interface.
--l 127.0.0.1
+-l 192.168.200.134

 # Limit the number of simultaneous incoming connections. The daemon default is 1024
 # -c 1024

changes only.

/etc/memcached.conf
-l 192.168.200.134

Let's view setting without comment and blank lines.

root@controller:~# cat /etc/memcached.conf | grep -v ^# | grep -v ^$
-d
logfile /var/log/memcached.log
-m 64
-p 11211
-u memcache
-l 192.168.200.134
root@controller:~# systemctl restart memcached
root@controller:~# systemctl status memcached
● memcached.service - memcached daemon
   Loaded: loaded (/lib/systemd/system/memcached.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-04-18 08:02:24 JST; 2s ago
 Main PID: 10368 (memcached)
    Tasks: 6
   Memory: 660.0K
      CPU: 5ms
   CGroup: /system.slice/memcached.service
           └─10368 /usr/bin/memcached -m 64 -p 11211 -u memcache -l 192.168.200.134

Apr 18 08:02:24 controller systemd[1]: Started memcached daemon.

Take Snapshot Install and configure memcached

Identity Service (Keystone)

IT'S MOST IMPORTANT COMPONENT: AUTHENTICATION SERVICE.

OpenStack Docs: Identity service

Install and configure

OpenStack Docs: Install and configure

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
   IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
   IDENTIFIED BY 'password1234';
FLUSH PRIVILEGES;
root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 33
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
  IDENTIFIED BY 'password1234';
FLUSH PRIVILEGES;

later, It's important to change bind address.

root@controller:~# systemctl restart mysql

Install Required Components: Apache2

root@controller:~# apt-get install -y keystone apache2 libapache2-mod-wsgi

(snip)

Setting up python-webob (1.5.1-1) ...
Setting up python-keystonemiddleware (4.4.1-0ubuntu1) ...
Setting up python-kombu (3.0.33-1ubuntu2) ...
Setting up python-sqlparse (0.1.18-1) ...
Setting up python-tempita (0.5.2-1build1) ...
Setting up python-migrate (0.10.0-3ubuntu2) ...
update-alternatives: using /usr/bin/python2-migrate to provide /usr/bin/migrate (migrate) in auto mode
update-alternatives: using /usr/bin/python2-migrate-repository to provide /usr/bin/migrate-repository (migrate-repository) in auto mode
Setting up python-oauthlib (1.0.3-1) ...
Setting up python-openid (2.2.5-6) ...
Setting up python-pyinotify (0.9.6-0fakesync1) ...
Setting up python-oslo.log (3.2.0-2) ...
Setting up python-oslo.cache (1.6.0-2) ...
Setting up python-retrying (1.3.3-1) ...
Setting up python-oslo.concurrency (3.7.1-0ubuntu1.1) ...
update-alternatives: using /usr/bin/python2-lockutils-wrapper to provide /usr/bin/lockutils-wrapper (lockutils-wrapper) in auto mode
Setting up python-oslo.db (4.7.0-2ubuntu1) ...
Setting up python-oslo.middleware (3.8.0-2) ...
Setting up python-paste (1.7.5.1-6ubuntu3) ...
Setting up python-pastedeploy-tpl (1.5.2-1) ...
Setting up python-pastedeploy (1.5.2-1) ...
Setting up python-repoze.lru (0.6-6) ...
Setting up python-routes (2.2-1ubuntu2) ...
Setting up python-oslo.service (1.8.0-1ubuntu1) ...
Setting up python-pika (0.10.0-1) ...
Setting up python-pika-pool (0.1.3-1ubuntu1) ...
Setting up python-oslo.messaging (4.6.1-2ubuntu2) ...
update-alternatives: using /usr/bin/python2-oslo-messaging-zmq-broker to provide /usr/bin/oslo-messaging-zmq-broker (oslo-messaging-zmq-broker) in auto mode
Setting up python-oslo.policy (1.6.0-2) ...
update-alternatives: using /usr/bin/python2-oslopolicy-checker to provide /usr/bin/oslopolicy-checker (oslopolicy-checker) in auto mode
Setting up python-setuptools (20.7.0-1) ...
Setting up python-pastescript (1.7.5-3build1) ...
Setting up xmlsec1 (1.2.20-2ubuntu4) ...
Setting up python-zope.interface (4.1.3-1build1) ...
Setting up python-pysaml2 (3.0.0-3ubuntu1.16.04.3) ...
update-alternatives: using /usr/bin/python2-make_metadata to provide /usr/bin/make_metadata (make_metadata) in auto mode
update-alternatives: using /usr/bin/python2-mdexport to provide /usr/bin/mdexport (mdexport) in auto mode
update-alternatives: using /usr/bin/python2-parse_xsd2 to provide /usr/bin/parse_xsd2 (parse_xsd2) in auto mode
update-alternatives: using /usr/bin/python2-merge_metadata to provide /usr/bin/merge_metadata (merge_metadata) in auto mode
Setting up python-scgi (1.13-1.1build1) ...
Setting up python-sqlalchemy-ext (1.0.11+ds1-1ubuntu2) ...
Setting up ssl-cert (1.0.37) ...
Setting up python-passlib (1.6.5-4) ...
Setting up python-keystone (2:9.3.0-0ubuntu3.2) ...
Setting up keystone (2:9.3.0-0ubuntu3.2) ...
2018-04-19 08:08:22.394 22776 INFO migrate.versioning.api [-] 66 -> 67...
2018-04-19 08:08:22.726 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.726 22776 INFO migrate.versioning.api [-] 67 -> 68...
2018-04-19 08:08:22.732 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.732 22776 INFO migrate.versioning.api [-] 68 -> 69...
2018-04-19 08:08:22.738 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.738 22776 INFO migrate.versioning.api [-] 69 -> 70...
2018-04-19 08:08:22.745 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.745 22776 INFO migrate.versioning.api [-] 70 -> 71...
2018-04-19 08:08:22.750 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.751 22776 INFO migrate.versioning.api [-] 71 -> 72...
2018-04-19 08:08:22.757 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.757 22776 INFO migrate.versioning.api [-] 72 -> 73...
2018-04-19 08:08:22.795 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.795 22776 INFO migrate.versioning.api [-] 73 -> 74...
2018-04-19 08:08:22.817 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.817 22776 INFO migrate.versioning.api [-] 74 -> 75...
2018-04-19 08:08:22.828 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.829 22776 INFO migrate.versioning.api [-] 75 -> 76...
2018-04-19 08:08:22.837 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.838 22776 INFO migrate.versioning.api [-] 76 -> 77...
2018-04-19 08:08:22.843 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.843 22776 INFO migrate.versioning.api [-] 77 -> 78...
2018-04-19 08:08:22.849 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.849 22776 INFO migrate.versioning.api [-] 78 -> 79...
2018-04-19 08:08:22.854 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.854 22776 INFO migrate.versioning.api [-] 79 -> 80...
2018-04-19 08:08:22.860 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.860 22776 INFO migrate.versioning.api [-] 80 -> 81...
2018-04-19 08:08:22.877 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.877 22776 INFO migrate.versioning.api [-] 81 -> 82...
2018-04-19 08:08:22.921 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.921 22776 INFO migrate.versioning.api [-] 82 -> 83...
2018-04-19 08:08:22.956 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.956 22776 INFO migrate.versioning.api [-] 83 -> 84...
2018-04-19 08:08:22.973 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.973 22776 INFO migrate.versioning.api [-] 84 -> 85...
2018-04-19 08:08:22.997 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:22.997 22776 INFO migrate.versioning.api [-] 85 -> 86...
2018-04-19 08:08:23.018 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.018 22776 INFO migrate.versioning.api [-] 86 -> 87...
2018-04-19 08:08:23.053 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.054 22776 INFO migrate.versioning.api [-] 87 -> 88...
2018-04-19 08:08:23.083 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.084 22776 INFO migrate.versioning.api [-] 88 -> 89...
2018-04-19 08:08:23.110 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.111 22776 INFO migrate.versioning.api [-] 89 -> 90...
2018-04-19 08:08:23.128 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.128 22776 INFO migrate.versioning.api [-] 90 -> 91...
2018-04-19 08:08:23.182 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.182 22776 INFO migrate.versioning.api [-] 91 -> 92...
2018-04-19 08:08:23.229 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.229 22776 INFO migrate.versioning.api [-] 92 -> 93...
2018-04-19 08:08:23.296 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.297 22776 INFO migrate.versioning.api [-] 93 -> 94...
2018-04-19 08:08:23.324 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.324 22776 INFO migrate.versioning.api [-] 94 -> 95...
2018-04-19 08:08:23.350 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.350 22776 INFO migrate.versioning.api [-] 95 -> 96...
2018-04-19 08:08:23.358 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.359 22776 INFO migrate.versioning.api [-] 96 -> 97...
2018-04-19 08:08:23.368 22776 INFO migrate.versioning.api [-] done
2018-04-19 08:08:23.977 22781 WARNING keystone.cmd.cli [-] Deprecated: keystone-manage pki_setup is deprecated as of Mitaka in favor of not using PKI tokens and may be removed in 'O' release.
2018-04-19 08:08:23.977 22781 WARNING keystone.cmd.cli [-] keystone-manage pki_setup is not recommended for production use.
2018-04-19 08:08:23.983 22781 INFO keystone.common.openssl [-] Running command - openssl genrsa -out /etc/keystone/ssl/private/cakey.pem 2048
2018-04-19 08:08:24.029 22781 INFO keystone.common.openssl [-] Running command - openssl req -new -x509 -extensions v3_ca -key /etc/keystone/ssl/private/cakey.pem -out /etc/keystone/ssl/certs/ca.pem -days 3650 -config /etc/keystone/ssl/certs/openssl.conf -subj /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com
2018-04-19 08:08:24.036 22781 INFO keystone.common.openssl [-] Running command - openssl genrsa -out /etc/keystone/ssl/private/signing_key.pem 2048
2018-04-19 08:08:24.163 22781 INFO keystone.common.openssl [-] Running command - openssl req -key /etc/keystone/ssl/private/signing_key.pem -new -out /etc/keystone/ssl/certs/req.pem -config /etc/keystone/ssl/certs/openssl.conf -subj /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com
2018-04-19 08:08:24.172 22781 INFO keystone.common.openssl [-] Running command - openssl ca -batch -out /etc/keystone/ssl/certs/signing_cert.pem -config /etc/keystone/ssl/certs/openssl.conf -days 3650d -cert /etc/keystone/ssl/certs/ca.pem -keyfile /etc/keystone/ssl/private/cakey.pem -infiles /etc/keystone/ssl/certs/req.pem
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for ufw (0.35-0ubuntu2) ...
root@controller:~# systemctl stop keystone
root@controller:~# systemctl disable keystone
Synchronizing state of keystone.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install disable keystone
insserv: warning: current start runlevel(s) (empty) of script `keystone' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `keystone' overrides LSB defaults (0 1 6).
root@controller:~# systemctl status | fgrep Active
               │ └─23382 grep -F --color=auto Active
root@controller:~# systemctl is-active keystone
inactive

Generate Token, configure keystone.conf

root@controller:~# openssl rand -hex 10
012c3690a3486a210193
root@controller:~# cp -p /etc/keystone/keystone.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/keystone/keystone.conf*
-rw-r--r-- 1 root root 73221 Jan 19 01:45 /etc/keystone/keystone.conf
-rw-r--r-- 1 root root 73221 Jan 19 01:45 /etc/keystone/keystone.conf.20180419084216
root@controller:~# vim /etc/keystone/keystone.conf
root@controller:~# diff -u /etc/keystone/keystone.conf{.*,}
--- /etc/keystone/keystone.conf.20180419084216  2018-01-19 01:45:40.000000000 +0900
+++ /etc/keystone/keystone.conf 2018-04-19 08:50:58.221526050 +0900
@@ -10,7 +10,7 @@
 # effectively disabled. To completely disable `admin_token` in production
 # (highly recommended), remove AdminTokenAuthMiddleware from your paste
 # application pipelines (for example, in keystone-paste.ini). (string value)
-#admin_token = <None>
+admin_token = 012c3690a3486a210193

 # The base public endpoint URL for Keystone that is advertised to clients
 # (NOTE: this does NOT affect how Keystone listens for connections). Defaults
@@ -548,7 +548,7 @@
 # Deprecated group/name - [DATABASE]/sql_connection
 # Deprecated group/name - [sql]/connection
 #connection = <None>
-connection = sqlite:////var/lib/keystone/keystone.db
+connection = mysql+pymysql://keystone:password1234@controller/keystone

 # The SQLAlchemy connection string to use to connect to the slave database.
 # (string value)
@@ -2004,7 +2004,7 @@
 # Controls the token construction, validation, and revocation operations.
 # Entrypoint in the keystone.token.provider namespace. Core providers are
 # [fernet|pkiz|pki|uuid]. (string value)
-#provider = uuid
+provider = fernet

 # Entrypoint for the token persistence backend driver in the
 # keystone.token.persistence namespace. Supplied drivers are kvs, memcache,

Configuration summary.

/etc/keystone/keystone.conf
[DEFAULT]
admin_token = 012c3690a3486a210193
 
[database]
connection = mysql+pymysql://keystone:password1234@controller/keystone
 
[token]
provider = fernet

Populate the Identity service database:

root@controller:~# su -s /bin/sh -c "keystone-manage db_sync" keystone
root@controller:~# su -s /bin/sh -c "keystone-manage db_sync" keystone
2018-04-19 08:55:07.612 23592 WARNING oslo_db.sqlalchemy.engines [-] SQL connection failed. 10 attempts left.
2018-04-19 08:55:17.624 23592 WARNING oslo_db.sqlalchemy.engines [-] SQL connection failed. 9 attempts left.
^C
Session terminated, terminating shell...2018-04-19 08:55:19.851 23592 CRITICAL keystone [-] KeyboardInterrupt
2018-04-19 08:55:19.851 23592 ERROR keystone Traceback (most recent call last):
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/bin/keystone-manage", line 10, in <module>
2018-04-19 08:55:19.851 23592 ERROR keystone     sys.exit(main())
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/manage.py", line 47, in main
2018-04-19 08:55:19.851 23592 ERROR keystone     cli.main(argv=sys.argv, config_files=config_files)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/cli.py", line 1095, in main
2018-04-19 08:55:19.851 23592 ERROR keystone     CONF.command.cmd_class.main()
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/cli.py", line 403, in main
2018-04-19 08:55:19.851 23592 ERROR keystone     migration_helpers.sync_database_to_version(extension, version)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/common/sql/migration_helpers.py", line 210,
 in sync_database_to_version
2018-04-19 08:55:19.851 23592 ERROR keystone     _sync_common_repo(version)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/common/sql/migration_helpers.py", line 132,
 in _sync_common_repo
2018-04-19 08:55:19.851 23592 ERROR keystone     with sql.session_for_write() as session:
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
2018-04-19 08:55:19.851 23592 ERROR keystone     return self.gen.next()
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 759, in _t
ransaction_scope
2018-04-19 08:55:19.851 23592 ERROR keystone     allow_async=self._allow_async) as resource:
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
2018-04-19 08:55:19.851 23592 ERROR keystone     return self.gen.next()
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 491, in _s
ession
2018-04-19 08:55:19.851 23592 ERROR keystone     bind=self.connection, mode=self.mode)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 272, in _c
reate_session
2018-04-19 08:55:19.851 23592 ERROR keystone     self._start()
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 338, in _s
tart
2018-04-19 08:55:19.851 23592 ERROR keystone     engine_args, maker_args)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 362, in _s
etup_for_connection
2018-04-19 08:55:19.851 23592 ERROR keystone     sql_connection=sql_connection, **engine_kwargs)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/engines.py", line 152, in create_
engine
2018-04-19 08:55:19.851 23592 ERROR keystone     test_conn = _test_connection(engine, max_retries, retry_interval)
2018-04-19 08:55:19.851 23592 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/engines.py", line 330, in _test_c
onnection
2018-04-19 08:55:19.851 23592 ERROR keystone     time.sleep(retry_interval)
2018-04-19 08:55:19.851 23592 ERROR keystone KeyboardInterrupt
2018-04-19 08:55:19.851 23592 ERROR keystone
 ...terminated.

What's happen???

root@controller:~# ping controller
PING controller.mitaka.openstack.pg1x.internal (192.168.200.134) 56(84) bytes of data.
64 bytes from controller.mitaka.openstack.pg1x.internal (192.168.200.134): icmp_seq=1 ttl=64 time=0.046 ms
64 bytes from controller.mitaka.openstack.pg1x.internal (192.168.200.134): icmp_seq=2 ttl=64 time=0.072 ms
64 bytes from controller.mitaka.openstack.pg1x.internal (192.168.200.134): icmp_seq=3 ttl=64 time=0.089 ms
^C
--- controller.mitaka.openstack.pg1x.internal ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2016ms
rtt min/avg/max/mdev = 0.046/0.069/0.089/0.017 ms
root@controller:~# mysql -u keystone -h controller -ppassword1234
ERROR 2003 (HY000): Can't connect to MySQL server on 'controller' (111 "Connection refused")
root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 34
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+----------+-----------+-------------------------------------------+
| User     | Host      | Password                                  |
+----------+-----------+-------------------------------------------+
| root     | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| keystone | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| keystone | %         | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
+----------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)

MariaDB [(none)]> \q
Bye
root@controller:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 35
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 36
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# echo $WELL_KNOWN_PASSWORD
password1234
root@controller:~# mysql -u root -p $WELL_KNOWN_PASSWORD
Enter password:
ERROR 1049 (42000): Unknown database 'password1234'
root@controller:~# mysql -u root -p"$WELL_KNOWN_PASSWORD"
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 38
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# mysql -u root --password=p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 39
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# mysql -u root
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 40
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
root@controller:~# mysql -u root
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 49
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye
root@controller:~# mysql -u keystone -h controller -ppassword1234
ERROR 2003 (HY000): Can't connect to MySQL server on 'controller' (111 "Connection refused")
root@controller:~# vim /etc/mysql/
conf.d/          debian.cnf       debian-start     mariadb.cnf      mariadb.conf.d/  my.cnf           my.cnf.fallback
root@controller:~# vim /etc/mysql/mariadb.c
mariadb.cnf     mariadb.conf.d/
root@controller:~# vim /etc/mysql/mariadb.c
mariadb.cnf     mariadb.conf.d/
root@controller:~# vim /etc/mysql/mariadb.cnf
.bash_history   .bashrc         logs/           .mysql_history  .profile        .rnd            .viminfo
root@controller:~# vim /etc/mysql/mariadb.cnf
.bash_history   .bashrc         logs/           .mysql_history  .profile        .rnd            .viminfo
root@controller:~# vim /etc/mysql/mariadb.cnf
root@controller:~# vim /etc/mysql/mariadb.conf.d/50-
50-client.cnf                 50-mysqld_safe.cnf            50-server.cnf.20180417090414
50-mysql-clients.cnf          50-server.cnf
root@controller:~# vim /etc/mysql/mariadb.conf.d/50-server.cnf
root@controller:~# systemctl restart mariadb
Failed to restart mariadb.service: Unit mariadb.service not found.
root@controller:~# systemctl restart mysql
root@controller:~# mysql -u keystone -h controller -ppassword1234
ERROR 2003 (HY000): Can't connect to MySQL server on 'controller' (111 "Connection refused")
root@controller:~# ping -c1 controller
PING controller.mitaka.openstack.pg1x.internal (192.168.200.134) 56(84) bytes of data.
64 bytes from controller.mitaka.openstack.pg1x.internal (192.168.200.134): icmp_seq=1 ttl=64 time=0.042 ms

--- controller.mitaka.openstack.pg1x.internal ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.042/0.042/0.042/0.000 ms
root@controller:~# ss -antu
Netid  State      Recv-Q Send-Q                     Local Address:Port                                    Peer Address:Port
udp    UNCONN     0      0                          192.168.122.1:53                                                 *:*
udp    UNCONN     0      0                               *%virbr0:67                                                 *:*
udp    UNCONN     0      0                              127.0.0.1:323                                                *:*
udp    UNCONN     0      0                                    ::1:323                                               :::*
tcp    LISTEN     0      128                                    *:22                                                 *:*
tcp    LISTEN     0      128                            127.0.0.1:6010                                               *:*
tcp    LISTEN     0      128                      192.168.200.134:5672                                               *:*
tcp    LISTEN     0      128                                    *:25672                                              *:*
tcp    LISTEN     0      128                            127.0.0.1:3306                                               *:*
tcp    LISTEN     0      128                      192.168.200.134:11211                                              *:*
tcp    LISTEN     0      128                                    *:4369                                               *:*
tcp    LISTEN     0      5                          192.168.122.1:53                                                 *:*
tcp    ESTAB      0      0                        192.168.200.134:22                                     192.168.200.1:61979
tcp    ESTAB      0      0                              127.0.0.1:4369                                       127.0.0.1:43564
tcp    TIME-WAIT  0      0                        192.168.200.134:4369                                 192.168.200.134:49021
tcp    ESTAB      0      0                        192.168.200.134:22                                     192.168.200.1:61980
tcp    ESTAB      0      0                              127.0.0.1:43564                                      127.0.0.1:4369
tcp    LISTEN     0      128                                   :::22                                                :::*
tcp    LISTEN     0      128                                  ::1:6010                                              :::*
tcp    LISTEN     0      128                                   :::80                                                :::*
tcp    LISTEN     0      128                                   :::4369                                              :::*
root@controller:~# ss -antu | fgrep 3306
tcp    LISTEN     0      128    127.0.0.1:3306                  *:*
root@controller:~# fgrep -R bind /etc/mysql/
/etc/mysql/mariadb.conf.d/50-server.cnf.20180417090414:bind-address             = 127.0.0.1
/etc/mysql/mariadb.conf.d/50-server.cnf:bind-address = 192.168.200.134
/etc/mysql/mariadb.conf.d/50-server.cnf:bind-address            = 127.0.0.1
root@controller:~# cat /etc/mysql/mariadb.cnf
# The MariaDB configuration file
#
# The MariaDB/MySQL tools read configuration files in the following order:
# 1. "/etc/mysql/mariadb.cnf" (this file) to set global defaults,
# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
# 3. "/etc/mysql/mariadb.conf.d/*.cnf" to set MariaDB-only options.
# 4. "~/.my.cnf" to set user-specific options.
#
# If the same option is defined multiple times, the last one will apply.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.

#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]

# Import all .cnf files from configuration directory
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mariadb.conf.d/
root@controller:~# cat /etc/mysql/mariadb.cnf | fgpre include
No command 'fgpre' found, did you mean:
 Command 'gpre' from package 'firebird2.5-super' (universe)
 Command 'gpre' from package 'firebird2.5-classic-common' (universe)
fgpre: command not found
root@controller:~# cat /etc/mysql/mariadb.cnf | fgrep include
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mariadb.conf.d/

hahaha… this configuration may include backup file… move it.

root@controller:~# mv /etc/mysql/mariadb.conf.d/50-server.cnf.20180417090414 /root/
root@controller:~# systemctl restart mysql
root@controller:~# mysql -u keystone -h controller -ppassword1234
ERROR 2003 (HY000): Can't connect to MySQL server on 'controller' (111 "Connection refused")
(reverse-i-search)`restart': systemctl ^Cstart mysql
root@controller:~# vim /etc/mysql/mariadb.conf.d/50-server.cnf
root@controller:~# fgrep -R bind /etc/mysql/
/etc/mysql/mariadb.conf.d/50-server.cnf:bind-address = 192.168.200.134
/etc/mysql/mariadb.conf.d/50-server.cnf:#bind-address           = 127.0.0.1
root@controller:~# diff -u /root/50-server.cnf.20180417090414 /etc/mysql/mariadb.conf.d/50-server.cnf
--- /root/50-server.cnf.20180417090414  2018-03-06 18:15:56.000000000 +0900
+++ /etc/mysql/mariadb.conf.d/50-server.cnf     2018-04-19 09:17:58.465468858 +0900
@@ -10,6 +10,7 @@

 # this is only for the mysqld standalone daemon
 [mysqld]
+bind-address = 192.168.200.134

 #
 # * Basic Settings
@@ -26,7 +27,7 @@

 # Instead of skip-networking the default is now to listen only on
 # localhost which is more compatible and is not less secure.
-bind-address           = 127.0.0.1
+#bind-address          = 127.0.0.1

 #
 # * Fine Tuning
@@ -102,8 +103,8 @@
 # MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
 # utf8 4-byte character set. See also client.cnf
 #
-character-set-server  = utf8mb4
-collation-server      = utf8mb4_general_ci
+character-set-server  = utf8
+collation-server      = utf8_general_ci

 #
 # * Unix socket authentication plugin is built-in since 10.0.22-6
root@controller:~# systemctl restart mysql
root@controller:~# ss -antu | fgrep 3306
tcp    LISTEN     0      128    192.168.200.134:3306                  *:*
root@controller:~# mysql -u keystone -h controller -ppassword1234
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 32
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \q
Bye

OK, it's ready to go.

root@controller:~# su -s /bin/sh -c "keystone-manage db_sync" keystone

(snip)

2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     return Connection(*args, **kwargs)
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 679, in __init__
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     self.connect()
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 891, in connect
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     self._request_authentication()
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 1097, in _request_authentication
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     auth_packet = self._read_packet()
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 966, in _read_packet
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     packet.check_error()
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 394, in check_error
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     err.raise_mysql_exception(self._data)
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 120, in raise_mysql_exception
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     _check_mysql_exception(errinfo)
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters   File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 115, in _check_mysql_exception
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters     raise InternalError(errno, errorvalue)
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters InternalError: (1049, u"Unknown database 'keystone'")
2018-04-19 09:20:13.054 25136 ERROR oslo_db.sqlalchemy.exc_filters
2018-04-19 09:20:13.058 25136 CRITICAL keystone [-] DBError: (pymysql.err.InternalError) (1049, u"Unknown database 'keystone'")
2018-04-19 09:20:13.058 25136 ERROR keystone Traceback (most recent call last):
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/bin/keystone-manage", line 10, in <module>
2018-04-19 09:20:13.058 25136 ERROR keystone     sys.exit(main())
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/manage.py", line 47, in main
2018-04-19 09:20:13.058 25136 ERROR keystone     cli.main(argv=sys.argv, config_files=config_files)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/cli.py", line 1095, in main
2018-04-19 09:20:13.058 25136 ERROR keystone     CONF.command.cmd_class.main()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/cmd/cli.py", line 403, in main
2018-04-19 09:20:13.058 25136 ERROR keystone     migration_helpers.sync_database_to_version(extension, version)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/common/sql/migration_helpers.py", line 210, in sync_database_to_version
2018-04-19 09:20:13.058 25136 ERROR keystone     _sync_common_repo(version)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/keystone/common/sql/migration_helpers.py", line 132, in _sync_common_repo
2018-04-19 09:20:13.058 25136 ERROR keystone     with sql.session_for_write() as session:
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
2018-04-19 09:20:13.058 25136 ERROR keystone     return self.gen.next()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 759, in _transaction_scope
2018-04-19 09:20:13.058 25136 ERROR keystone     allow_async=self._allow_async) as resource:
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
2018-04-19 09:20:13.058 25136 ERROR keystone     return self.gen.next()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 491, in _session
2018-04-19 09:20:13.058 25136 ERROR keystone     bind=self.connection, mode=self.mode)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 272, in _create_session
2018-04-19 09:20:13.058 25136 ERROR keystone     self._start()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 338, in _start
2018-04-19 09:20:13.058 25136 ERROR keystone     engine_args, maker_args)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py", line 362, in _setup_for_connection
2018-04-19 09:20:13.058 25136 ERROR keystone     sql_connection=sql_connection, **engine_kwargs)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/engines.py", line 152, in create_engine
2018-04-19 09:20:13.058 25136 ERROR keystone     test_conn = _test_connection(engine, max_retries, retry_interval)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/engines.py", line 326, in _test_connection
2018-04-19 09:20:13.058 25136 ERROR keystone     return engine.connect()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2018, in connect
2018-04-19 09:20:13.058 25136 ERROR keystone     return self._connection_cls(self, **kwargs)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 72, in __init__
2018-04-19 09:20:13.058 25136 ERROR keystone     if connection is not None else engine.raw_connection()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2104, in raw_connection
2018-04-19 09:20:13.058 25136 ERROR keystone     self.pool.unique_connection, _connection)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2078, in _wrap_pool_connect
2018-04-19 09:20:13.058 25136 ERROR keystone     e, dialect, self)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1401, in _handle_dbapi_exception_noconnection
2018-04-19 09:20:13.058 25136 ERROR keystone     util.raise_from_cause(newraise, exc_info)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/util/compat.py", line 200, in raise_from_cause
2018-04-19 09:20:13.058 25136 ERROR keystone     reraise(type(exception), exception, tb=exc_tb)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 2074, in _wrap_pool_connect
2018-04-19 09:20:13.058 25136 ERROR keystone     return fn()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 318, in unique_connection
2018-04-19 09:20:13.058 25136 ERROR keystone     return _ConnectionFairy._checkout(self)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 713, in _checkout
2018-04-19 09:20:13.058 25136 ERROR keystone     fairy = _ConnectionRecord.checkout(pool)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 480, in checkout
2018-04-19 09:20:13.058 25136 ERROR keystone     rec = pool._do_get()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 1060, in _do_get
2018-04-19 09:20:13.058 25136 ERROR keystone     self._dec_overflow()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/util/langhelpers.py", line 60, in __exit__
2018-04-19 09:20:13.058 25136 ERROR keystone     compat.reraise(exc_type, exc_value, exc_tb)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 1057, in _do_get
2018-04-19 09:20:13.058 25136 ERROR keystone     return self._create_connection()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 323, in _create_connection
2018-04-19 09:20:13.058 25136 ERROR keystone     return _ConnectionRecord(self)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 449, in __init__
2018-04-19 09:20:13.058 25136 ERROR keystone     self.connection = self.__connect()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/pool.py", line 607, in __connect
2018-04-19 09:20:13.058 25136 ERROR keystone     connection = self.__pool._invoke_creator(self)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/strategies.py", line 97, in connect
2018-04-19 09:20:13.058 25136 ERROR keystone     return dialect.connect(*cargs, **cparams)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 385, in connect
2018-04-19 09:20:13.058 25136 ERROR keystone     return self.dbapi.connect(*cargs, **cparams)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/__init__.py", line 88, in Connect
2018-04-19 09:20:13.058 25136 ERROR keystone     return Connection(*args, **kwargs)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 679, in __init__
2018-04-19 09:20:13.058 25136 ERROR keystone     self.connect()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 891, in connect
2018-04-19 09:20:13.058 25136 ERROR keystone     self._request_authentication()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 1097, in _request_authentication
2018-04-19 09:20:13.058 25136 ERROR keystone     auth_packet = self._read_packet()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 966, in _read_packet
2018-04-19 09:20:13.058 25136 ERROR keystone     packet.check_error()
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/connections.py", line 394, in check_error
2018-04-19 09:20:13.058 25136 ERROR keystone     err.raise_mysql_exception(self._data)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 120, in raise_mysql_exception
2018-04-19 09:20:13.058 25136 ERROR keystone     _check_mysql_exception(errinfo)
2018-04-19 09:20:13.058 25136 ERROR keystone   File "/usr/lib/python2.7/dist-packages/pymysql/err.py", line 115, in _check_mysql_exception
2018-04-19 09:20:13.058 25136 ERROR keystone     raise InternalError(errno, errorvalue)
2018-04-19 09:20:13.058 25136 ERROR keystone DBError: (pymysql.err.InternalError) (1049, u"Unknown database 'keystone'")
2018-04-19 09:20:13.058 25136 ERROR keystone

Missing database!!

root@controller:~# mysql -u root -ppassword1234
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 34
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> \q
Bye
root@controller:~# su -s /bin/sh -c "keystone-manage db_sync" keystone
2018-04-19 09:22:20.881 25168 INFO migrate.versioning.api [-] 66 -> 67...
2018-04-19 09:22:21.633 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.634 25168 INFO migrate.versioning.api [-] 67 -> 68...
2018-04-19 09:22:21.639 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.640 25168 INFO migrate.versioning.api [-] 68 -> 69...
2018-04-19 09:22:21.644 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.644 25168 INFO migrate.versioning.api [-] 69 -> 70...
2018-04-19 09:22:21.648 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.648 25168 INFO migrate.versioning.api [-] 70 -> 71...
2018-04-19 09:22:21.652 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.653 25168 INFO migrate.versioning.api [-] 71 -> 72...
2018-04-19 09:22:21.658 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.658 25168 INFO migrate.versioning.api [-] 72 -> 73...
2018-04-19 09:22:21.700 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.700 25168 INFO migrate.versioning.api [-] 73 -> 74...
2018-04-19 09:22:21.728 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.728 25168 INFO migrate.versioning.api [-] 74 -> 75...
2018-04-19 09:22:21.743 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.744 25168 INFO migrate.versioning.api [-] 75 -> 76...
2018-04-19 09:22:21.749 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.749 25168 INFO migrate.versioning.api [-] 76 -> 77...
2018-04-19 09:22:21.754 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.754 25168 INFO migrate.versioning.api [-] 77 -> 78...
2018-04-19 09:22:21.759 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.760 25168 INFO migrate.versioning.api [-] 78 -> 79...
2018-04-19 09:22:21.766 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.766 25168 INFO migrate.versioning.api [-] 79 -> 80...
2018-04-19 09:22:21.773 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.773 25168 INFO migrate.versioning.api [-] 80 -> 81...
2018-04-19 09:22:21.791 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.791 25168 INFO migrate.versioning.api [-] 81 -> 82...
2018-04-19 09:22:21.853 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.853 25168 INFO migrate.versioning.api [-] 82 -> 83...
2018-04-19 09:22:21.909 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.909 25168 INFO migrate.versioning.api [-] 83 -> 84...
2018-04-19 09:22:21.930 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.931 25168 INFO migrate.versioning.api [-] 84 -> 85...
2018-04-19 09:22:21.967 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.967 25168 INFO migrate.versioning.api [-] 85 -> 86...
2018-04-19 09:22:21.982 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:21.983 25168 INFO migrate.versioning.api [-] 86 -> 87...
2018-04-19 09:22:22.029 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.030 25168 INFO migrate.versioning.api [-] 87 -> 88...
2018-04-19 09:22:22.055 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.055 25168 INFO migrate.versioning.api [-] 88 -> 89...
2018-04-19 09:22:22.069 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.070 25168 INFO migrate.versioning.api [-] 89 -> 90...
2018-04-19 09:22:22.102 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.102 25168 INFO migrate.versioning.api [-] 90 -> 91...
2018-04-19 09:22:22.155 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.155 25168 INFO migrate.versioning.api [-] 91 -> 92...
2018-04-19 09:22:22.203 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.204 25168 INFO migrate.versioning.api [-] 92 -> 93...
2018-04-19 09:22:22.258 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.258 25168 INFO migrate.versioning.api [-] 93 -> 94...
2018-04-19 09:22:22.304 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.305 25168 INFO migrate.versioning.api [-] 94 -> 95...
2018-04-19 09:22:22.338 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.339 25168 INFO migrate.versioning.api [-] 95 -> 96...
2018-04-19 09:22:22.346 25168 INFO migrate.versioning.api [-] done
2018-04-19 09:22:22.346 25168 INFO migrate.versioning.api [-] 96 -> 97...
2018-04-19 09:22:22.352 25168 INFO migrate.versioning.api [-] done

Initialize Fernet keys

root@controller:~# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
2018-04-19 09:23:54.680 25191 INFO keystone.token.providers.fernet.utils [-] [fernet_tokens] key_repository does not appear to exist; attempting to create it
2018-04-19 09:23:54.681 25191 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0
2018-04-19 09:23:54.682 25191 INFO keystone.token.providers.fernet.utils [-] Starting key rotation with 1 key files: ['/etc/keystone/fernet-keys/0']
2018-04-19 09:23:54.682 25191 INFO keystone.token.providers.fernet.utils [-] Current primary key is: 0
2018-04-19 09:23:54.682 25191 INFO keystone.token.providers.fernet.utils [-] Next primary key will be: 1
2018-04-19 09:23:54.683 25191 INFO keystone.token.providers.fernet.utils [-] Promoted key 0 to be the primary: 1
2018-04-19 09:23:54.683 25191 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0

Configure the Apache Web Server

Configure Timeout Value

root@controller:~# mkdir /etc/systemd/system/apache2.service.d
root@controller:~# cp /lib/systemd/system/apache2.service.d/apache2-systemd.conf /etc/systemd/system/apache2.service.d/
root@controller:~# vim /etc/systemd/system/apache2.service.d/apache2-systemd.conf
root@controller:~# diff -u /lib/systemd/system/apache2.service.d/apache2-systemd.conf /etc/systemd/system/apache2.service.d/apache2-systemd.conf
--- /lib/systemd/system/apache2.service.d/apache2-systemd.conf  2016-04-12 19:13:56.000000000 +0900
+++ /etc/systemd/system/apache2.service.d/apache2-systemd.conf  2018-04-19 22:03:48.210159453 +0900
@@ -1,3 +1,6 @@
 [Service]
 Type=forking
 RemainAfterExit=no
+TimeoutStartSec=900
+TimeoutStopSec=900
+

Effective configuration.

/etc/systemd/system/apache2.service.d/apache2-systemd.conf
[Service]
TimeoutStartSec=900
TimeoutStopSec=900

Notify to systemd modification.

root@controller:~# systemctl daemon-reload

Configure host name

root@controller:~# cp -p /etc/apache2/apache2.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/apache2/apache2.conf*
-rw-r--r-- 1 root root 7115 Mar 19  2016 /etc/apache2/apache2.conf
-rw-r--r-- 1 root root 7115 Mar 19  2016 /etc/apache2/apache2.conf.20180420081120
root@controller:~# vim /etc/apache2/apache2.conf
root@controller:~# fgrep -R ServerName /etc/apache2/
/etc/apache2/sites-available/000-default.conf:  # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-available/000-default.conf:  # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-available/000-default.conf:  #ServerName www.example.com
/etc/apache2/apache2.conf:ServerName controller
/etc/apache2/sites-enabled/000-default.conf:    # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-enabled/000-default.conf:    # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-enabled/000-default.conf:    #ServerName www.example.com
root@controller:~# diff -u /etc/apache2/apache2.conf{.*,}
--- /etc/apache2/apache2.conf.20180420081120    2016-03-19 18:48:35.000000000 +0900
+++ /etc/apache2/apache2.conf   2018-04-20 08:13:01.320330604 +0900
@@ -54,6 +54,7 @@

 # Global configuration
 #
+ServerName controller

 #
 # ServerRoot: The top of the directory tree under which the server's

Effective configuration.

/etc/apache2/apache2.conf
ServerName controller

Create Keystone VirtualHost

/etc/apache2/sites-available/wsgi-keystone.conf
Listen 5000
Listen 35357
 
<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined
 
    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>
 
<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined
 
    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>
root@controller:~# vim /etc/apache2/sites-available/wsgi-keystone.conf
root@controller:~# a2ensite wsgi-keystone
Enabling site wsgi-keystone.
To activate the new configuration, you need to run:
  service apache2 reload
root@controller:~# ls -ls /etc/apache2/sites-enabled/wsgi-keystone.conf
0 lrwxrwxrwx 1 root root 37 Apr 20 08:21 /etc/apache2/sites-enabled/wsgi-keystone.conf -> ../sites-available/wsgi-keystone.conf

Restart Apache2 and check connectivity

root@controller:~# systemctl restart apache2
root@controller:~# systemctl status apache2
● apache2.service - LSB: Apache2 web server
   Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
  Drop-In: /etc/systemd/system/apache2.service.d
           └─apache2-systemd.conf
   Active: active (running) since Fri 2018-04-20 08:25:09 JST; 1s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 10928 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS)
  Process: 10952 ExecStart=/etc/init.d/apache2 start (code=exited, status=0/SUCCESS)
    Tasks: 95
   Memory: 33.5M
      CPU: 221ms
   CGroup: /system.slice/apache2.service
           ├─10970 /usr/sbin/apache2 -k start
           ├─10973 (wsgi:keystone-pu -k start
           ├─10974 (wsgi:keystone-pu -k start
           ├─10975 (wsgi:keystone-pu -k start
           ├─10976 (wsgi:keystone-pu -k start
           ├─10977 (wsgi:keystone-pu -k start
           ├─10978 (wsgi:keystone-ad -k start
           ├─10979 (wsgi:keystone-ad -k start
           ├─10980 (wsgi:keystone-ad -k start
           ├─10981 (wsgi:keystone-ad -k start
           ├─10982 (wsgi:keystone-ad -k start
           ├─10983 /usr/sbin/apache2 -k start
           └─10984 /usr/sbin/apache2 -k start

Apr 20 08:25:08 controller systemd[1]: Starting LSB: Apache2 web server...
Apr 20 08:25:08 controller apache2[10952]:  * Starting Apache httpd web server apache2
Apr 20 08:25:09 controller apache2[10952]:  *
Apr 20 08:25:09 controller systemd[1]: Started LSB: Apache2 web server.
root@controller:~# systemctl enable apache2
apache2.service is not a native service, redirecting to systemd-sysv-install
Executing /lib/systemd/systemd-sysv-install enable apache2

Remove unnecessary SQLite DB file.

root@controller:~# ls -l /var/lib/keystone/keystone.db
-rw-r--r-- 1 keystone keystone 118784 Apr 19 08:08 /var/lib/keystone/keystone.db
root@controller:~# rm -f /var/lib/keystone/keystone.db

Make sure controller name resolution exists.

root@controller:~# fgrep controller /etc/hosts
192.168.200.134 controller.mitaka.openstack.pg1x.internal controller
root@controller:~# apt -y install jq
root@controller:~# curl http://controller:5000/v3 2>/dev/null
{"version": {"status": "stable", "updated": "2016-04-04T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.6", "links": [{"href": "http://controller:5000/v3/", "rel": "self"}]}}root@controller:~#
root@controller:~# curl http://controller:5000/v3 2>/dev/null | jq
{
  "version": {
    "status": "stable",
    "updated": "2016-04-04T00:00:00Z",
    "media-types": [
      {
        "base": "application/json",
        "type": "application/vnd.openstack.identity-v3+json"
      }
    ],
    "id": "v3.6",
    "links": [
      {
        "href": "http://controller:5000/v3/",
        "rel": "self"
      }
    ]
  }
}
root@controller:~# curl http://controller:35357/v3 2>/dev/null | jq
{
  "version": {
    "status": "stable",
    "updated": "2016-04-04T00:00:00Z",
    "media-types": [
      {
        "base": "application/json",
        "type": "application/vnd.openstack.identity-v3+json"
      }
    ],
    "id": "v3.6",
    "links": [
      {
        "href": "http://controller:35357/v3/",
        "rel": "self"
      }
    ]
  }
}

Take Snapshot Install Keystone Identity Service

Configure Token and Environment variables

OpenStack Docs: Create the service entity and API endpoints

  • Service Entity
  • API Endpoint
export OS_TOKEN=012c3690a3486a210193
export OS_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3

Create Keystone Service

root@controller:~# openstack service create --name keystone --description "OpenStack Identity" identity
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Identity               |
| enabled     | True                             |
| id          | c8c22af53e6f4ba59a06b4f4f03ea1ca |
| name        | keystone                         |
| type        | identity                         |
+-------------+----------------------------------+
root@controller:~# openstack service list
+----------------------------------+----------+----------+
| ID                               | Name     | Type     |
+----------------------------------+----------+----------+
| c8c22af53e6f4ba59a06b4f4f03ea1ca | keystone | identity |
+----------------------------------+----------+----------+

Create API endpoints

root@controller:~# openstack endpoint create --region RegionOne identity public http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 5bb647afeeb54a91b1dccae5aab6ef3c |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c8c22af53e6f4ba59a06b4f4f03ea1ca |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0da87bc27dfd47aeb7c3d2b3dcafbcc3 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c8c22af53e6f4ba59a06b4f4f03ea1ca |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 80de59d5a511451f9f3e3e9bfec1c2fd |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c8c22af53e6f4ba59a06b4f4f03ea1ca |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:35357/v3       |
+--------------+----------------------------------+
root@controller:~# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 0da87bc27dfd47aeb7c3d2b3dcafbcc3 | RegionOne | keystone     | identity     | True    | internal  | http://controller:5000/v3  |
| 5bb647afeeb54a91b1dccae5aab6ef3c | RegionOne | keystone     | identity     | True    | public    | http://controller:5000/v3  |
| 80de59d5a511451f9f3e3e9bfec1c2fd | RegionOne | keystone     | identity     | True    | admin     | http://controller:35357/v3 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

Create domain

OpenStack Docs: Create a domain, projects, users, and roles

root@controller:~# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Default Domain                   |
| enabled     | True                             |
| id          | 2c272c534f814e8c8838da32c00bc3ad |
| name        | default                          |
+-------------+----------------------------------+

Create project

  • Create project for Administrator
root@controller:~# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Admin Project                    |
| domain_id   | 2c272c534f814e8c8838da32c00bc3ad |
| enabled     | True                             |
| id          | dd0252d2463045a3b0634604959edb9d |
| is_domain   | False                            |
| name        | admin                            |
| parent_id   | 2c272c534f814e8c8838da32c00bc3ad |
+-------------+----------------------------------+
root@controller:~# openstack user create --domain default --password $WELL_KNOWN_PASSWORD admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 2c272c534f814e8c8838da32c00bc3ad |
| enabled   | True                             |
| id        | 61010c7e434d483ca23d6243090b7a56 |
| name      | admin                            |
+-----------+----------------------------------+
root@controller:~# openstack role create admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | d9583e06c2d845e69222c5323f97fa17 |
| name      | admin                            |
+-----------+----------------------------------+
root@controller:~# openstack role add --project admin --user admin admin
root@controller:~# openstack role add --project admin --user admin admin
root@controller:~#
  • Create Service, and Demo Project
root@controller:~# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | 2c272c534f814e8c8838da32c00bc3ad |
| enabled     | True                             |
| id          | da1230c42c3945ada628e1bcfa8b9475 |
| is_domain   | False                            |
| name        | service                          |
| parent_id   | 2c272c534f814e8c8838da32c00bc3ad |
+-------------+----------------------------------+
root@controller:~# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Demo Project                     |
| domain_id   | 2c272c534f814e8c8838da32c00bc3ad |
| enabled     | True                             |
| id          | 23c144dc3efb4d449508940b8e2f9ddc |
| is_domain   | False                            |
| name        | demo                             |
| parent_id   | 2c272c534f814e8c8838da32c00bc3ad |
+-------------+----------------------------------+
root@controller:~# openstack user create --domain default --password $WELL_KNOWN_PASSWORD demo
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 2c272c534f814e8c8838da32c00bc3ad |
| enabled   | True                             |
| id        | c1088a5814b94e328915f257a799075a |
| name      | demo                             |
+-----------+----------------------------------+
root@controller:~# openstack role create user
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 7424fa591cf948cbb4815f39ecbb844b |
| name      | user                             |
+-----------+----------------------------------+
root@controller:~# openstack role add --project demo --user demo user
root@controller:~#
  • Verify project, role, user list
root@controller:~# openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 23c144dc3efb4d449508940b8e2f9ddc | demo    |
| da1230c42c3945ada628e1bcfa8b9475 | service |
| dd0252d2463045a3b0634604959edb9d | admin   |
+----------------------------------+---------+
root@controller:~# openstack role list
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| 7424fa591cf948cbb4815f39ecbb844b | user  |
| d9583e06c2d845e69222c5323f97fa17 | admin |
+----------------------------------+-------+
root@controller:~# openstack user list
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| 61010c7e434d483ca23d6243090b7a56 | admin |
| c1088a5814b94e328915f257a799075a | demo  |
+----------------------------------+-------+

Verify operation

OpenStack Docs: Verify operation

  • Edit configuration file

Edit the /etc/keystone/keystone-paste.ini file and remove admin_token_auth from the [pipeline:public_api], [pipeline:admin_api], and [pipeline:api_v3] sections.

root@controller:~# cp /etc/keystone/keystone-paste.ini /root/keystone-paste.ini.`date +%Y%m%d%H%M%S`
root@controller:~# ls -l /root/keystone-paste.ini.*
-rw-r--r-- 1 root root 2400 Apr 21 11:13 /root/keystone-paste.ini.20180421111353
root@controller:~# vim /etc/keystone/keystone-paste.ini
root@controller:~# diff -u /root/keystone-paste.ini.20180421111353 /etc/keystone/keystone-paste.ini
--- /root/keystone-paste.ini.20180421111353     2018-04-21 11:13:53.201740031 +0900
+++ /etc/keystone/keystone-paste.ini    2018-04-21 11:15:45.487549782 +0900
@@ -51,17 +51,17 @@
 [pipeline:public_api]
 # The last item in this pipeline must be public_service or an equivalent
 # application. It cannot be a filter.
-pipeline = cors sizelimit url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension public_service
+pipeline = cors sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service

 [pipeline:admin_api]
 # The last item in this pipeline must be admin_service or an equivalent
 # application. It cannot be a filter.
-pipeline = cors sizelimit url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension s3_extension admin_service
+pipeline = cors sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension s3_extension admin_service

 [pipeline:api_v3]
 # The last item in this pipeline must be service_v3 or an equivalent
 # application. It cannot be a filter.
-pipeline = cors sizelimit url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3
+pipeline = cors sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3

 [app:public_version_service]
 use = egg:keystone#public_version_service

Unset the temporary OS_TOKEN and OS_URL environment variables:

root@controller:~# unset OS_TOKEN OS_URL

As the admin user, request an authentication token:

openstack --os-auth-url http://controller:35357/v3 \
  --os-project-domain-name default \
  --os-user-domain-name default \
  --os-project-name admin \
  --os-username admin \
  token issue
root@controller:~# unset OS_TOKEN OS_URL
root@controller:~# openstack --os-auth-url http://controller:35357/v3 \
>   --os-project-domain-name default \
>   --os-user-domain-name default \
>   --os-project-name admin \
>   --os-username admin \
>   token issue
Password: password1234
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-04-21T03:21:32.000000Z                                                                                                                                                             |
| id         | gAAAAABa2qAsyjvoGoqPrmxyvqoC7NfvPKcz2jZIL0R4zgQF-9uEhXOFr3kR88F6vTMUNF0hpfnoL_r_KgkWp8CFiytRC_rvAzwoBvcbGSZx7e_QqY1TaYqhi0yP0tNke2xjP6NVFFeP7le-qEueALcLwjj6jwrPjPNeLTpuX5uPM__V8u0cMcw |
| project_id | dd0252d2463045a3b0634604959edb9d                                                                                                                                                        |
| user_id    | 61010c7e434d483ca23d6243090b7a56                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

As the demo user, request an authentication token:

openstack --os-auth-url http://controller:5000/v3 \
  --os-project-domain-name default \
  --os-user-domain-name default \
  --os-project-name demo \
  --os-username demo \
  token issue
root@controller:~# openstack --os-auth-url http://controller:5000/v3 \
>   --os-project-domain-name default \
>   --os-user-domain-name default \
>   --os-project-name demo \
>   --os-username demo \
>   token issue
Password: password1234
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-04-21T03:25:56.000000Z                                                                                                                                                             |
| id         | gAAAAABa2qE0B6XCe6YieQ6h-sEjpsJSJwOFQgXSVsYsYB2ex6tcXIzrUaG8Vdfu5lM3_ERTz1izK02jYfJwNoxKg-uPuZmdd6dEsCJvs8jdXGLVO-MGpuCxNSFIbnyeMbS8RefnnENKfHsMUQsKR6zzLFuigHoEr_BW_fQGaltH8G4aOZxI5dM |
| project_id | 23c144dc3efb4d449508940b8e2f9ddc                                                                                                                                                        |
| user_id    | c1088a5814b94e328915f257a799075a                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Create OpenStack client environment scripts

OpenStack Docs: Create OpenStack client environment scripts

/root/admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=password1234
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
/root/demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=password1234
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Using the scripts

root@controller:~# . /root/admin-openrc
root@controller:~# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-04-21T03:38:24.000000Z                                                                                                                                                             |
| id         | gAAAAABa2qQg03KxCF0xX2lJm4_J8OuHh5w2XJjR7ATspCZ6uS1IEkpkQPgCQ-UEaN0Cy02rbafCBo35cjI5ThtVOmjiUuy7YUf-tWjgKjq27KlkV4QXB2TNzWDZocFS--oNgv3nQ_l0EsMmDF91KpokAAq4R8CtJJYiYyKbaDnQWlTTOA1p8m8 |
| project_id | dd0252d2463045a3b0634604959edb9d                                                                                                                                                        |
| user_id    | 61010c7e434d483ca23d6243090b7a56                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Take Snapshot Configure Identity Service: Keystone

Image Service (Glance)

Install and configure

OpenStack Docs: Install and configure

  • Create database
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
  IDENTIFIED BY 'password1234';
FLUSH PRIVILEGES;
root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 33
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
  • Load admin environmental variables
root@controller:~# . /root/admin-openrc
  • Create Glance user
root@controller:~# openstack user create --domain default --password $WELL_KNOWN_PASSWORD glance
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 2c272c534f814e8c8838da32c00bc3ad |
| enabled   | True                             |
| id        | 5168f0a1b7ec4ca1a62ad4008d4bad00 |
| name      | glance                           |
+-----------+----------------------------------+
  • Add the admin role to the glance user and service project:
root@controller:~# openstack role add --project service --user glance admin
root@controller:~#
  • Create the glance service entity:
root@controller:~# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | 687fab22259645a184cc46bb642a34bf |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
  • Create the Image service API endpoints:
root@controller:~# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 17f72f5a79c047219c570a94194aeaf7 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 687fab22259645a184cc46bb642a34bf |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 5c9c8e32fac1493f9b60aa73471050ee |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 687fab22259645a184cc46bb642a34bf |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | ecee73c1a2a045ff9bb838e49ecfeda9 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 687fab22259645a184cc46bb642a34bf |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+

Install and configure components

root@controller:~# apt-get install -y glance
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  glance-api glance-common glance-registry glance-store-common libblas-common libblas3 libgfortran3 liblapack3 libpq5 libquadmath0
  python-automaton python-castellan python-egenix-mxdatetime python-egenix-mxtools python-glance python-glance-store python-httplib2
  python-kazoo python-networkx python-numpy python-osprofiler python-psycopg2 python-semantic-version python-simplegeneric python-taskflow
  python-wsme
Suggested packages:
  python-ceph python-automaton-doc python-castellan-doc python-egenix-mxdatetime-dbg python-egenix-mxdatetime-doc python-egenix-mxtools-dbg
  python-egenix-mxtools-doc python-kazoo-doc python-matplotlib python-scipy python-pygraphviz | python-pydot gcc gfortran python-dev
  python-nose python-numpy-dbg python-numpy-doc python-psycopg2-doc python-semantic-version-doc
The following NEW packages will be installed:
  glance glance-api glance-common glance-registry glance-store-common libblas-common libblas3 libgfortran3 liblapack3 libpq5 libquadmath0
  python-automaton python-castellan python-egenix-mxdatetime python-egenix-mxtools python-glance python-glance-store python-httplib2
  python-kazoo python-networkx python-numpy python-osprofiler python-psycopg2 python-semantic-version python-simplegeneric python-taskflow
  python-wsme
0 upgraded, 27 newly installed, 0 to remove and 8 not upgraded.
Need to get 6,851 kB of archives.
After this operation, 34.1 MB of additional disk space will be used.
Get:1 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-semantic-version all 2.3.1-1 [7,772 B]
Get:2 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 glance-store-common all 0.13.0-3ubuntu0.16.04.1 [4,278 B]
Get:3 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 libblas-common amd64 3.6.0-2ubuntu2 [5,342 B]
Get:4 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 libblas3 amd64 3.6.0-2ubuntu2 [147 kB]
Get:5 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libquadmath0 amd64 5.4.0-6ubuntu1~16.04.9 [131 kB]
Get:6 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libgfortran3 amd64 5.4.0-6ubuntu1~16.04.9 [260 kB]
Get:7 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 liblapack3 amd64 3.6.0-2ubuntu2 [1,938 kB]
Get:8 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpq5 amd64 9.5.12-0ubuntu0.16.04 [79.0 kB]
Get:9 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-automaton all 1.2.0-1 [14.7 kB]
Get:10 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-castellan all 0.4.0-1 [31.8 kB]
Get:11 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-egenix-mxtools amd64 3.2.9-1 [75.3 kB]
Get:12 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-egenix-mxdatetime amd64 3.2.9-1 [68.3 kB]
Get:13 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-glance-store all 0.13.0-3ubuntu0.16.04.1 [77.3 kB]
Get:14 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-httplib2 all 0.9.1+dfsg-1 [34.2 kB]
Get:15 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-kazoo all 2.2.1-1ubuntu1 [79.9 kB]
Get:16 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-networkx all 1.11-1ubuntu1 [806 kB]
Get:17 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-numpy amd64 1:1.11.0-1ubuntu1 [1,763 kB]
Get:18 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-osprofiler all 1.2.0-1ubuntu1 [32.7 kB]
Get:19 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-psycopg2 amd64 2.6.1-1build2 [131 kB]
Get:20 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-taskflow all 1.30.0-1ubuntu1 [209 kB]
Get:21 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-simplegeneric all 0.8.1-1 [11.5 kB]
Get:22 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-wsme all 0.8.0-2ubuntu2 [61.0 kB]
Get:23 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-glance all 2:12.0.0-0ubuntu2 [799 kB]
Get:24 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 glance-common all 2:12.0.0-0ubuntu2 [9,326 B]
Get:25 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 glance-api all 2:12.0.0-0ubuntu2 [52.2 kB]
Get:26 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 glance-registry all 2:12.0.0-0ubuntu2 [20.5 kB]
Get:27 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 glance all 2:12.0.0-0ubuntu2 [1,742 B]
Fetched 6,851 kB in 1s (6,612 kB/s)
Selecting previously unselected package python-semantic-version.
(Reading database ... 122344 files and directories currently installed.)
Preparing to unpack .../python-semantic-version_2.3.1-1_all.deb ...
Unpacking python-semantic-version (2.3.1-1) ...
Selecting previously unselected package glance-store-common.
Preparing to unpack .../glance-store-common_0.13.0-3ubuntu0.16.04.1_all.deb ...
Unpacking glance-store-common (0.13.0-3ubuntu0.16.04.1) ...
Selecting previously unselected package libblas-common.
Preparing to unpack .../libblas-common_3.6.0-2ubuntu2_amd64.deb ...
Unpacking libblas-common (3.6.0-2ubuntu2) ...
Selecting previously unselected package libblas3.
Preparing to unpack .../libblas3_3.6.0-2ubuntu2_amd64.deb ...
Unpacking libblas3 (3.6.0-2ubuntu2) ...
Selecting previously unselected package libquadmath0:amd64.
Preparing to unpack .../libquadmath0_5.4.0-6ubuntu1~16.04.9_amd64.deb ...
Unpacking libquadmath0:amd64 (5.4.0-6ubuntu1~16.04.9) ...
Selecting previously unselected package libgfortran3:amd64.
Preparing to unpack .../libgfortran3_5.4.0-6ubuntu1~16.04.9_amd64.deb ...
Unpacking libgfortran3:amd64 (5.4.0-6ubuntu1~16.04.9) ...
Selecting previously unselected package liblapack3.
Preparing to unpack .../liblapack3_3.6.0-2ubuntu2_amd64.deb ...
Unpacking liblapack3 (3.6.0-2ubuntu2) ...
Selecting previously unselected package libpq5:amd64.
Preparing to unpack .../libpq5_9.5.12-0ubuntu0.16.04_amd64.deb ...
Unpacking libpq5:amd64 (9.5.12-0ubuntu0.16.04) ...
Selecting previously unselected package python-automaton.
Preparing to unpack .../python-automaton_1.2.0-1_all.deb ...
Unpacking python-automaton (1.2.0-1) ...
Selecting previously unselected package python-castellan.
Preparing to unpack .../python-castellan_0.4.0-1_all.deb ...
Unpacking python-castellan (0.4.0-1) ...
Selecting previously unselected package python-egenix-mxtools.
Preparing to unpack .../python-egenix-mxtools_3.2.9-1_amd64.deb ...
Unpacking python-egenix-mxtools (3.2.9-1) ...
Selecting previously unselected package python-egenix-mxdatetime.
Preparing to unpack .../python-egenix-mxdatetime_3.2.9-1_amd64.deb ...
Unpacking python-egenix-mxdatetime (3.2.9-1) ...
Selecting previously unselected package python-glance-store.
Preparing to unpack .../python-glance-store_0.13.0-3ubuntu0.16.04.1_all.deb ...
Unpacking python-glance-store (0.13.0-3ubuntu0.16.04.1) ...
Selecting previously unselected package python-httplib2.
Preparing to unpack .../python-httplib2_0.9.1+dfsg-1_all.deb ...
Unpacking python-httplib2 (0.9.1+dfsg-1) ...
Selecting previously unselected package python-kazoo.
Preparing to unpack .../python-kazoo_2.2.1-1ubuntu1_all.deb ...
Unpacking python-kazoo (2.2.1-1ubuntu1) ...
Selecting previously unselected package python-networkx.
Preparing to unpack .../python-networkx_1.11-1ubuntu1_all.deb ...
Unpacking python-networkx (1.11-1ubuntu1) ...
Selecting previously unselected package python-numpy.
Preparing to unpack .../python-numpy_1%3a1.11.0-1ubuntu1_amd64.deb ...
Unpacking python-numpy (1:1.11.0-1ubuntu1) ...
Selecting previously unselected package python-osprofiler.
Preparing to unpack .../python-osprofiler_1.2.0-1ubuntu1_all.deb ...
Unpacking python-osprofiler (1.2.0-1ubuntu1) ...
Selecting previously unselected package python-psycopg2.
Preparing to unpack .../python-psycopg2_2.6.1-1build2_amd64.deb ...
Unpacking python-psycopg2 (2.6.1-1build2) ...
Selecting previously unselected package python-taskflow.
Preparing to unpack .../python-taskflow_1.30.0-1ubuntu1_all.deb ...
Unpacking python-taskflow (1.30.0-1ubuntu1) ...
Selecting previously unselected package python-simplegeneric.
Preparing to unpack .../python-simplegeneric_0.8.1-1_all.deb ...
Unpacking python-simplegeneric (0.8.1-1) ...
Selecting previously unselected package python-wsme.
Preparing to unpack .../python-wsme_0.8.0-2ubuntu2_all.deb ...
Unpacking python-wsme (0.8.0-2ubuntu2) ...
Selecting previously unselected package python-glance.
Preparing to unpack .../python-glance_2%3a12.0.0-0ubuntu2_all.deb ...
Unpacking python-glance (2:12.0.0-0ubuntu2) ...
Selecting previously unselected package glance-common.
Preparing to unpack .../glance-common_2%3a12.0.0-0ubuntu2_all.deb ...
Unpacking glance-common (2:12.0.0-0ubuntu2) ...
Selecting previously unselected package glance-api.
Preparing to unpack .../glance-api_2%3a12.0.0-0ubuntu2_all.deb ...
Unpacking glance-api (2:12.0.0-0ubuntu2) ...
Selecting previously unselected package glance-registry.
Preparing to unpack .../glance-registry_2%3a12.0.0-0ubuntu2_all.deb ...
Unpacking glance-registry (2:12.0.0-0ubuntu2) ...
Selecting previously unselected package glance.
Preparing to unpack .../glance_2%3a12.0.0-0ubuntu2_all.deb ...
Unpacking glance (2:12.0.0-0ubuntu2) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Setting up python-semantic-version (2.3.1-1) ...
Setting up glance-store-common (0.13.0-3ubuntu0.16.04.1) ...
Setting up libblas-common (3.6.0-2ubuntu2) ...
Setting up libblas3 (3.6.0-2ubuntu2) ...
update-alternatives: using /usr/lib/libblas/libblas.so.3 to provide /usr/lib/libblas.so.3 (libblas.so.3) in auto mode
Setting up libquadmath0:amd64 (5.4.0-6ubuntu1~16.04.9) ...
Setting up libgfortran3:amd64 (5.4.0-6ubuntu1~16.04.9) ...
Setting up liblapack3 (3.6.0-2ubuntu2) ...
update-alternatives: using /usr/lib/lapack/liblapack.so.3 to provide /usr/lib/liblapack.so.3 (liblapack.so.3) in auto mode
Setting up libpq5:amd64 (9.5.12-0ubuntu0.16.04) ...
Setting up python-automaton (1.2.0-1) ...
Setting up python-castellan (0.4.0-1) ...
Setting up python-egenix-mxtools (3.2.9-1) ...
Setting up python-egenix-mxdatetime (3.2.9-1) ...
Setting up python-glance-store (0.13.0-3ubuntu0.16.04.1) ...
update-alternatives: using /usr/bin/python2-glance-rootwrap to provide /usr/bin/glance-rootwrap (glance-rootwrap) in auto mode
Setting up python-httplib2 (0.9.1+dfsg-1) ...
Setting up python-kazoo (2.2.1-1ubuntu1) ...
Setting up python-networkx (1.11-1ubuntu1) ...
Setting up python-numpy (1:1.11.0-1ubuntu1) ...
Setting up python-osprofiler (1.2.0-1ubuntu1) ...
update-alternatives: using /usr/bin/python2-osprofiler to provide /usr/bin/osprofiler (osprofiler) in auto mode
Setting up python-psycopg2 (2.6.1-1build2) ...
Setting up python-taskflow (1.30.0-1ubuntu1) ...
Setting up python-simplegeneric (0.8.1-1) ...
Setting up python-wsme (0.8.0-2ubuntu2) ...
Setting up python-glance (2:12.0.0-0ubuntu2) ...
Setting up glance-common (2:12.0.0-0ubuntu2) ...
Adding system user `glance' (UID 119) ...
Adding new user `glance' (UID 119) with group `glance' ...
Not creating home directory `/var/lib/glance'.
Setting up glance-api (2:12.0.0-0ubuntu2) ...
Setting up glance-registry (2:12.0.0-0ubuntu2) ...
Setting up glance (2:12.0.0-0ubuntu2) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
  • Edit the /etc/glance/glance-api.conf file and complete the following actions:
root@controller:~# cp -p /etc/glance/glance-api.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/glance/glance-api.conf*
-rw-r--r-- 1 glance glance 63831 Apr 14  2016 /etc/glance/glance-api.conf
-rw-r--r-- 1 glance glance 63831 Apr 14  2016 /etc/glance/glance-api.conf.20180422093034
root@controller:~# vim /etc/glance/glance-api.conf
root@controller:~# diff -u /etc/glance/glance-api.conf{.*,}
--- /etc/glance/glance-api.conf.20180422093034  2016-04-14 05:29:00.000000000 +0900
+++ /etc/glance/glance-api.conf 2018-04-22 12:55:50.665635816 +0900
@@ -638,7 +638,7 @@
 # Deprecated group/name - [DEFAULT]/sql_connection
 # Deprecated group/name - [DATABASE]/sql_connection
 # Deprecated group/name - [sql]/connection
-#connection = <None>
+connection = mysql+pymysql://glance:password1234@controller/glance

 # The SQLAlchemy connection string to use to connect to the slave
 # database. (string value)
@@ -738,12 +738,12 @@

 # List of stores enabled. Valid stores are: cinder, file, http, rbd,
 # sheepdog, swift, s3, vsphere (list value)
-#stores = file,http
+stores = file,http

 # Default scheme to use to store image data. The scheme must be
 # registered by one of the stores defined by the 'stores' config
 # option. (string value)
-#default_store = file
+default_store = file

 # Minimum interval seconds to execute updating dynamic storage
 # capabilities based on backend status then. It's not a periodic
@@ -1022,7 +1022,7 @@

 # Directory to which the Filesystem backend store writes images.
 # (string value)
-#filesystem_store_datadir = /var/lib/glance/images
+filesystem_store_datadir = /var/lib/glance/images/

 # List of directories and its priorities to which the Filesystem
 # backend store writes images. (multi valued)
@@ -1115,7 +1115,8 @@
 #

 # Complete public Identity API endpoint. (string value)
-#auth_uri = <None>
+auth_uri = http://controller:5000
+auth_url = http://controller:35357

 # API version of the admin Identity API endpoint. (string value)
 #auth_version = <None>
@@ -1161,7 +1162,7 @@
 # If left undefined, tokens will instead be cached in-process. (list
 # value)
 # Deprecated group/name - [DEFAULT]/memcache_servers
-#memcached_servers = <None>
+memcached_servers = controller:11211

 # In order to prevent excessive effort spent validating tokens, the
 # middleware caches previously-seen tokens for a configurable duration
@@ -1245,7 +1246,12 @@

 # Authentication type to load (unknown value)
 # Deprecated group/name - [DEFAULT]/auth_plugin
-#auth_type = <None>
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = glance
+password = password1234

 # Config Section from which to load plugin specific options (unknown
 # value)
@@ -1683,7 +1689,7 @@
 # service name removed. For example, if your paste section name is
 # [pipeline:glance-api-keystone] use the value "keystone" (string
 # value)
-#flavor = <None>
+flavor = keystone

 # Name of the paste configuration file. (string value)
 #config_file = <None>

Effective configuration only.

/etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:password1234@controller/glance
 
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = password1234
 
[paste_deploy]
flavor = keystone
  • Edit the /etc/glance/glance-registry.conf file and complete the following actions:
root@controller:~# cp -p /etc/glance/glance-registry.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/glance/glance-registry.conf*
-rw-r--r-- 1 glance glance 49956 Apr 14  2016 /etc/glance/glance-registry.conf
-rw-r--r-- 1 glance glance 49956 Apr 14  2016 /etc/glance/glance-registry.conf.20180422125942
root@controller:~# vim /etc/glance/glance-registry.conf
root@controller:~# diff -u /etc/glance/glance-registry.conf{.*,}
--- /etc/glance/glance-registry.conf.20180422125942     2016-04-14 05:29:00.000000000 +0900
+++ /etc/glance/glance-registry.conf    2018-04-22 13:08:45.061021398 +0900
@@ -380,7 +380,7 @@
 # Deprecated group/name - [DEFAULT]/sql_connection
 # Deprecated group/name - [DATABASE]/sql_connection
 # Deprecated group/name - [sql]/connection
-#connection = <None>
+connection = mysql+pymysql://glance:password1234@controller/glance

 # The SQLAlchemy connection string to use to connect to the slave
 # database. (string value)
@@ -841,7 +841,8 @@
 #

 # Complete public Identity API endpoint. (string value)
-#auth_uri = <None>
+auth_uri = http://controller:5000
+auth_url = http://controller:35357

 # API version of the admin Identity API endpoint. (string value)
 #auth_version = <None>
@@ -887,7 +888,7 @@
 # If left undefined, tokens will instead be cached in-process. (list
 # value)
 # Deprecated group/name - [DEFAULT]/memcache_servers
-#memcached_servers = <None>
+memcached_servers = controller:11211

 # In order to prevent excessive effort spent validating tokens, the
 # middleware caches previously-seen tokens for a configurable duration
@@ -971,7 +972,12 @@

 # Authentication type to load (unknown value)
 # Deprecated group/name - [DEFAULT]/auth_plugin
-#auth_type = <None>
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = glance
+password = password1234

 # Config Section from which to load plugin specific options (unknown
 # value)
@@ -1391,7 +1397,7 @@
 # service name removed. For example, if your paste section name is
 # [pipeline:glance-api-keystone] use the value "keystone" (string
 # value)
-#flavor = <None>
+flavor = keystone

 # Name of the paste configuration file. (string value)
 #config_file = <None>

Effective configuration only.

/etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:password1234@controller/glance
 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = password1234
 
[paste_deploy]
flavor = keystone
  • Populate the Image service database:
root@controller:~# su -s /bin/sh -c "glance-manage db_sync" glance
/usr/lib/python2.7/dist-packages/oslo_db/sqlalchemy/enginefacade.py:1056: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
  expire_on_commit=expire_on_commit, _conf=conf)
2018-04-22 13:10:35.114 22505 INFO migrate.versioning.api [-] 0 -> 1...
2018-04-22 13:10:35.117 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table images
2018-04-22 13:10:35.152 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.152 22505 INFO migrate.versioning.api [-] 1 -> 2...
2018-04-22 13:10:35.155 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table image_properties
2018-04-22 13:10:35.191 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.192 22505 INFO migrate.versioning.api [-] 2 -> 3...
2018-04-22 13:10:35.248 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.248 22505 INFO migrate.versioning.api [-] 3 -> 4...
2018-04-22 13:10:35.269 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.270 22505 INFO migrate.versioning.api [-] 4 -> 5...
2018-04-22 13:10:35.292 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.292 22505 INFO migrate.versioning.api [-] 5 -> 6...
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:158: Warning: Duplicate index `ix_image_properties_image_id_name`. This is deprecated and will be disallowed in a future release.
  result = self._query(query)
2018-04-22 13:10:35.315 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.315 22505 INFO migrate.versioning.api [-] 6 -> 7...
2018-04-22 13:10:35.340 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.340 22505 INFO migrate.versioning.api [-] 7 -> 8...
2018-04-22 13:10:35.344 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table image_members
2018-04-22 13:10:35.379 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.379 22505 INFO migrate.versioning.api [-] 8 -> 9...
2018-04-22 13:10:35.421 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.421 22505 INFO migrate.versioning.api [-] 9 -> 10...
2018-04-22 13:10:35.429 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.429 22505 INFO migrate.versioning.api [-] 10 -> 11...
2018-04-22 13:10:35.469 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.469 22505 INFO migrate.versioning.api [-] 11 -> 12...
2018-04-22 13:10:35.603 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.603 22505 INFO migrate.versioning.api [-] 12 -> 13...
2018-04-22 13:10:35.630 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.631 22505 INFO migrate.versioning.api [-] 13 -> 14...
2018-04-22 13:10:35.636 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table image_tags
2018-04-22 13:10:35.666 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.666 22505 INFO migrate.versioning.api [-] 14 -> 15...
2018-04-22 13:10:35.679 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.679 22505 INFO migrate.versioning.api [-] 15 -> 16...
2018-04-22 13:10:35.707 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.708 22505 INFO migrate.versioning.api [-] 16 -> 17...
2018-04-22 13:10:35.708 22505 INFO 017_quote_encrypted_swift_credentials [-] 'metadata_encryption_key' was not specified in the config file or a config file was not specified. This means that this migration is a NOOP.
2018-04-22 13:10:35.712 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.713 22505 INFO migrate.versioning.api [-] 17 -> 18...
2018-04-22 13:10:35.718 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table image_locations
2018-04-22 13:10:35.752 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.752 22505 INFO migrate.versioning.api [-] 18 -> 19...
2018-04-22 13:10:35.766 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.766 22505 INFO migrate.versioning.api [-] 19 -> 20...
2018-04-22 13:10:35.788 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.788 22505 INFO migrate.versioning.api [-] 20 -> 21...
2018-04-22 13:10:35.796 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.796 22505 INFO migrate.versioning.api [-] 21 -> 22...
2018-04-22 13:10:35.814 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.815 22505 INFO migrate.versioning.api [-] 22 -> 23...
2018-04-22 13:10:35.821 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.821 22505 INFO migrate.versioning.api [-] 23 -> 24...
2018-04-22 13:10:35.825 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.826 22505 INFO migrate.versioning.api [-] 24 -> 25...
2018-04-22 13:10:35.830 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.830 22505 INFO migrate.versioning.api [-] 25 -> 26...
2018-04-22 13:10:35.854 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.854 22505 INFO migrate.versioning.api [-] 26 -> 27...
2018-04-22 13:10:35.868 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.868 22505 INFO migrate.versioning.api [-] 27 -> 28...
2018-04-22 13:10:35.882 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.882 22505 INFO migrate.versioning.api [-] 28 -> 29...
2018-04-22 13:10:35.929 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.929 22505 INFO migrate.versioning.api [-] 29 -> 30...
2018-04-22 13:10:35.931 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table tasks
2018-04-22 13:10:35.969 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.969 22505 INFO migrate.versioning.api [-] 30 -> 31...
2018-04-22 13:10:35.982 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:35.983 22505 INFO migrate.versioning.api [-] 31 -> 32...
2018-04-22 13:10:35.987 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table task_info
2018-04-22 13:10:36.070 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.070 22505 INFO migrate.versioning.api [-] 32 -> 33...
2018-04-22 13:10:36.121 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.121 22505 INFO migrate.versioning.api [-] 33 -> 34...
2018-04-22 13:10:36.155 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.155 22505 INFO migrate.versioning.api [-] 34 -> 35...
2018-04-22 13:10:36.160 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_namespaces
2018-04-22 13:10:36.191 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_objects
2018-04-22 13:10:36.225 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_properties
2018-04-22 13:10:36.262 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_resource_types
2018-04-22 13:10:36.291 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_namespace_resource_types
2018-04-22 13:10:36.337 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.337 22505 INFO migrate.versioning.api [-] 35 -> 36...
2018-04-22 13:10:36.356 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.356 22505 INFO migrate.versioning.api [-] 36 -> 37...
2018-04-22 13:10:36.424 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.425 22505 INFO migrate.versioning.api [-] 37 -> 38...
2018-04-22 13:10:36.426 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table metadef_tags
2018-04-22 13:10:36.451 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.451 22505 INFO migrate.versioning.api [-] 38 -> 39...
2018-04-22 13:10:36.647 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.647 22505 INFO migrate.versioning.api [-] 39 -> 40...
2018-04-22 13:10:36.662 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.662 22505 INFO migrate.versioning.api [-] 40 -> 41...
2018-04-22 13:10:36.670 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifacts
2018-04-22 13:10:36.731 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifact_tags
2018-04-22 13:10:36.771 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifact_properties
2018-04-22 13:10:36.814 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifact_blobs
2018-04-22 13:10:36.859 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifact_blob_locations
2018-04-22 13:10:36.902 22505 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table artifact_dependencies
2018-04-22 13:10:36.963 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:36.963 22505 INFO migrate.versioning.api [-] 41 -> 42...
2018-04-22 13:10:37.180 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:37.181 22505 INFO migrate.versioning.api [-] 42 -> 43...
2018-04-22 13:10:37.203 22505 INFO migrate.versioning.api [-] done
2018-04-22 13:10:37.204 22505 INFO migrate.versioning.api [-] 43 -> 44...
2018-04-22 13:10:37.213 22505 INFO migrate.versioning.api [-] done
  • Restart, Verify status, Enabling the Image services:
systemctl restart glance-registry
systemctl restart glance-api
systemctl status glance-api glance-registry
systemctl enable glance-api glance-registry
root@controller:~# systemctl restart glance-registry
root@controller:~# systemctl restart glance-api
root@controller:~# systemctl status glance-api glance-registry
● glance-api.service - OpenStack Image Service API
   Loaded: loaded (/lib/systemd/system/glance-api.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-04-22 13:12:36 JST; 2s ago
  Process: 22571 ExecStartPre=/bin/chown glance:glance /var/lock/glance /var/log/glance /var/lib/glance (code=exited, status=0/SUCCESS)
  Process: 22568 ExecStartPre=/bin/mkdir -p /var/lock/glance /var/log/glance /var/lib/glance (code=exited, status=0/SUCCESS)
 Main PID: 22574 (glance-api)
    Tasks: 9
   Memory: 140.4M
      CPU: 1.238s
   CGroup: /system.slice/glance-api.service
           ├─22574 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22586 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22587 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22588 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22589 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22590 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22591 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           ├─22592 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log
           └─22593 /usr/bin/python /usr/bin/glance-api --config-file=/etc/glance/glance-api.conf --log-file=/var/log/glance/glance-api.log

Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.839 22574 INFO glance.common.wsgi [-] Started child 22589
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.840 22589 INFO eventlet.wsgi.server [-] (22589) wsgi starting up on http://
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.844 22590 INFO eventlet.wsgi.server [-] (22590) wsgi starting up on http://
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.844 22574 INFO glance.common.wsgi [-] Started child 22590
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.848 22591 INFO eventlet.wsgi.server [-] (22591) wsgi starting up on http://
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.848 22574 INFO glance.common.wsgi [-] Started child 22591
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.852 22592 INFO eventlet.wsgi.server [-] (22592) wsgi starting up on http://
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.852 22574 INFO glance.common.wsgi [-] Started child 22592
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.856 22593 INFO eventlet.wsgi.server [-] (22593) wsgi starting up on http://
Apr 22 13:12:37 controller glance-api[22574]: 2018-04-22 13:12:37.856 22574 INFO glance.common.wsgi [-] Started child 22593

● glance-registry.service - OpenStack Image Service Registry
   Loaded: loaded (/lib/systemd/system/glance-registry.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-04-22 13:12:34 JST; 5s ago
  Process: 22539 ExecStartPre=/bin/chown glance:glance /var/lock/glance /var/log/glance /var/lib/glance (code=exited, status=0/SUCCESS)
  Process: 22536 ExecStartPre=/bin/mkdir -p /var/lock/glance /var/log/glance /var/lib/glance (code=exited, status=0/SUCCESS)
 Main PID: 22544 (glance-registry)
    Tasks: 9
   Memory: 114.2M
      CPU: 951ms
   CGroup: /system.slice/glance-registry.service
           ├─22544 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22556 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22557 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22558 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22559 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22560 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22561 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           ├─22562 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-
           └─22563 /usr/bin/python /usr/bin/glance-registry --config-file=/etc/glance/glance-registry.conf --log-file=/var/log/glance/glance-

Apr 22 13:12:34 controller glance-registry[22544]: 2018-04-22 13:12:34.997 22544 INFO glance.common.wsgi [-] Started child 22559
Apr 22 13:12:34 controller glance-registry[22544]: 2018-04-22 13:12:34.997 22559 INFO eventlet.wsgi.server [-] (22559) wsgi starting up on ht
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.000 22544 INFO glance.common.wsgi [-] Started child 22560
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.001 22560 INFO eventlet.wsgi.server [-] (22560) wsgi starting up on ht
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.004 22544 INFO glance.common.wsgi [-] Started child 22561
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.005 22561 INFO eventlet.wsgi.server [-] (22561) wsgi starting up on ht
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.007 22544 INFO glance.common.wsgi [-] Started child 22562
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.008 22562 INFO eventlet.wsgi.server [-] (22562) wsgi starting up on ht
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.012 22563 INFO eventlet.wsgi.server [-] (22563) wsgi starting up on ht
Apr 22 13:12:35 controller glance-registry[22544]: 2018-04-22 13:12:35.011 22544 INFO glance.common.wsgi [-] Started child 22563
root@controller:~# systemctl enable glance-api glance-registry
Synchronizing state of glance-api.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable glance-api
Synchronizing state of glance-registry.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable glance-registry

Rebooting and check works correctly.

wnoguchi@controller:~$ sudo systemctl reboot
root@controller:~# source /root/admin-openrc
root@controller:~# glance image-list
+----+------+
| ID | Name |
+----+------+
+----+------+
root@controller:~# exit
logout
wnoguchi@controller:~$ exit
exit
Script done, file is /home/wnoguchi/logs/term/20180422_131703_wnoguchi.log
wnoguchi@controller:~$ sudo systemctl poweroff

Take Snapshot Configure Image Service: Glance

Verify operation

Register CirrOS OS Image

root@controller:~# source /root/admin-openrc
root@controller:~# wget https://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
--2018-04-22 13:41:42--  https://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
Resolving download.cirros-cloud.net (download.cirros-cloud.net)... 64.90.42.85
Connecting to download.cirros-cloud.net (download.cirros-cloud.net)|64.90.42.85|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13287936 (13M) [text/plain]
Saving to: ‘cirros-0.3.4-x86_64-disk.img’

cirros-0.3.4-x86_64-disk.img        100%[================================================================>]  12.67M  1.39MB/s    in 9.8s

2018-04-22 13:41:52 (1.30 MB/s) - ‘cirros-0.3.4-x86_64-disk.img’ saved [13287936/13287936]

root@controller:~# file cirros-0.3.4-x86_64-disk.img
cirros-0.3.4-x86_64-disk.img: QEMU QCOW Image (v2), 41126400 bytes
root@controller:~# ls -lh cirros-0.3.4-x86_64-disk.img
-rw-r--r-- 1 root root 13M May  8  2015 cirros-0.3.4-x86_64-disk.img
root@controller:~# md5sum cirros-0.3.4-x86_64-disk.img
ee1eca47dc88f4879d8a229cc70a07c6  cirros-0.3.4-x86_64-disk.img
root@controller:~# sha1sum cirros-0.3.4-x86_64-disk.img
66b42b5b24234bea1140a19cb4cd4038ebdbcc7a  cirros-0.3.4-x86_64-disk.img
  • Upload the image to the Image service using the QCOW2 disk format, bare container format, and public visibility so all projects can access it:
openstack image create "cirros" \
  --file cirros-0.3.4-x86_64-disk.img \
  --disk-format qcow2 --container-format bare \
  --public
root@controller:~# openstack image create "cirros" \
>   --file cirros-0.3.4-x86_64-disk.img \
>   --disk-format qcow2 --container-format bare \
>   --public
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| checksum         | ee1eca47dc88f4879d8a229cc70a07c6                     |
| container_format | bare                                                 |
| created_at       | 2018-04-22T04:47:28Z                                 |
| disk_format      | qcow2                                                |
| file             | /v2/images/381135e0-b56e-4fc1-8c7c-a5b9cd427ba1/file |
| id               | 381135e0-b56e-4fc1-8c7c-a5b9cd427ba1                 |
| min_disk         | 0                                                    |
| min_ram          | 0                                                    |
| name             | cirros                                               |
| owner            | dd0252d2463045a3b0634604959edb9d                     |
| protected        | False                                                |
| schema           | /v2/schemas/image                                    |
| size             | 13287936                                             |
| status           | active                                               |
| tags             |                                                      |
| updated_at       | 2018-04-22T04:47:28Z                                 |
| virtual_size     | None                                                 |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
root@controller:~# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 381135e0-b56e-4fc1-8c7c-a5b9cd427ba1 | cirros | active |
+--------------------------------------+--------+--------+

Register CentOS 7.4

root@controller:~# wget http://ftp.jaist.ac.jp/pub/Linux/CentOS/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso -P /var/lib/libvirt/images/
--2018-04-22 14:04:24--  http://ftp.jaist.ac.jp/pub/Linux/CentOS/7/isos/x86_64/CentOS-7-x86_64-DVD-1708.iso
Resolving ftp.jaist.ac.jp (ftp.jaist.ac.jp)... 150.65.7.130
Connecting to ftp.jaist.ac.jp (ftp.jaist.ac.jp)|150.65.7.130|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4521459712 (4.2G) [application/x-iso9660-image]
Saving to: ‘/var/lib/libvirt/images/CentOS-7-x86_64-DVD-1708.iso’

CentOS-7-x86_64-DVD-1708.iso        100%[================================================================>]   4.21G  2.58MB/s    in 21m 54s

2018-04-22 14:26:18 (3.28 MB/s) - ‘/var/lib/libvirt/images/CentOS-7-x86_64-DVD-1708.iso’ saved [4521459712/4521459712]

root@controller:~#
wnoguchi@controller:~$ sudo vim /root/c74.cfg
wnoguchi@controller:~$ sudo vim /root/c74.sh
/root/c74.cfg
cmdline
install
auth --enableshadow --passalgo=sha512
text
firstboot --enable
ignoredisk --only-use=vda
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --bootproto=dhcp --device=eth0 --ipv6=auto --activate --hostname=c74
rootpw --plaintext password1234
skipx
timezone Asia/Tokyo
user --name=wnoguchi --password=wnoguchi
xconfig --startxonboot
zerombr
bootloader --location mbr --boot-drive=vda
clearpart --all --initlabel --drives=vda
part /boot --fstype=xfs --size=500 --asprimary
part swap  --size=1024
part / --fstype=xfs --size=1 --grow --asprimary
selinux --disabled
firewall --disabled
poweroff
%packages --nobase
%end
%post
yum -y install tmux vim wget
# backing up
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/org.ifcfg-eth0
sed -i -e '/UUID=/d' /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i -e '/HWADDR=/d' /etc/sysconfig/network-scripts/ifcfg-eth0
echo "UUID=" >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "HWADDR=" >> /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i -e '/GRUB_CMDLINE_LINUX=/d' /etc/default/grub
echo 'GRUB_CMDLINE_LINUX="crashkernel=auto console=ttyS0,115200 no_timer_check"' >> /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
yum update -y
%end
/root/c74.sh
#!/bin/sh
virt-install \
--connect qemu:///system \
--name c74 \
--hvm \
--os-type=linux \
--os-variant=rhel7 \
--ram 2048 \
--vcpu 1 \
--arch x86_64 \
--noautoconsole \
--serial pty \
--console pty \
--disk=/var/lib/libvirt/images/c74.qcow2,format=qcow2,size=10 \
--boot=hd \
--location=/var/lib/libvirt/images/CentOS-7-x86_64-DVD-1708.iso \
--initrd-inject /root/c74.cfg \
--keymap us \
--extra-args=' ks=file:/c74.cfg selinux=0 console=tty0 console=ttyS0'
--nographics \
--noautoconsole \
root@controller:~# wget -P /var/lib/libvirt/images https://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img
--2018-04-22 16:52:12--  https://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img
Resolving cloud-images.ubuntu.com (cloud-images.ubuntu.com)... 91.189.92.141
Connecting to cloud-images.ubuntu.com (cloud-images.ubuntu.com)|91.189.92.141|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 290127872 (277M) [application/octet-stream]
Saving to: ‘/var/lib/libvirt/images/ubuntu-16.04-server-cloudimg-amd64-disk1.img’

ubuntu-16.04-server-cloudimg-amd64-disk1.im 100%[===========================================================================================>] 276.69M   860KB/s    in 5m 39s

2018-04-22 16:57:52 (836 KB/s) - ‘/var/lib/libvirt/images/ubuntu-16.04-server-cloudimg-amd64-disk1.img’ saved [290127872/290127872]

root@controller:~#
wnoguchi@controller:~$ df -h
Filesystem                   Size  Used Avail Use% Mounted on
udev                         7.9G     0  7.9G   0% /dev
tmpfs                        1.6G  9.0M  1.6G   1% /run
/dev/mapper/ubuntu--vg-root   78G  7.3G   67G  10% /
tmpfs                        7.9G     0  7.9G   0% /dev/shm
tmpfs                        5.0M     0  5.0M   0% /run/lock
tmpfs                        7.9G     0  7.9G   0% /sys/fs/cgroup
/dev/sda1                    472M  107M  342M  24% /boot
cgmfs                        100K     0  100K   0% /run/cgmanager/fs
tmpfs                        1.6G     0  1.6G   0% /run/user/1000
wnoguchi@controller:~$ sudo systemctl poweroff

Take Snapshot Prior to Build CentOS 7.4 Cloud Image

wnoguchi@controller:~$ source terminal-logging
Script started, file is /home/wnoguchi/logs/term/20180422_174052_wnoguchi.log
wnoguchi@controller:~$ sudo -i
root@controller:~# cd /root/
root@controller:~# sh ./c74.sh

Starting install...
Retrieving file .treeinfo...                                                                                                                             |  354 B  00:00:00
Retrieving file vmlinuz...                                                                                                                               | 5.6 MB  00:00:00
Retrieving file initrd.img...                                                                                                                            |  46 MB  00:00:00
Allocating 'c74.qcow2'                                                                                                                                   |  10 GB  00:00:00
Creating domain...                                                                                                                                       |    0 B  00:00:02
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
root@controller:~# virsh list --all
 Id    Name                           State
----------------------------------------------------
 1     c74                            running

root@controller:~# virsh console c74

30minutes later still running… I can't enter console…
destroy and undefine.

for identify problem, enable virtual serial console.

/root/c74.sh
--extra-args=' ks=file:/c74.cfg selinux=0 console=tty0 console=ttyS0,115200n8'
root@controller:~# virsh destroy c74
Domain c74 destroyed

root@controller:~# virsh undefine c74
Domain c74 has been undefined

root@controller:~# sh ./c74.sh

Starting install...
Retrieving file .treeinfo...                                                                                                                             |  354 B  00:00:00
Retrieving file vmlinuz...                                                                                                                               | 5.6 MB  00:00:00
Retrieving file initrd.img...                                                                                                                            |  46 MB  00:00:00
Creating domain...                                                                                                                                       |    0 B  00:00:02
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
root@controller:~# virsh console c74
anaconda 21.48.22.121-1 for CentOS 7 started.
 * installation log files are stored in /tmp during the installation
 * shell is available on TTY2
 * when reporting a bug add logs from /tmp as separate text/plain attachments
The following problem occurred on line 6 of the kickstart file:

no such option: --only-user















Pane is dead
[anaconda] 1:main* 2:shell  3:log  4:storage-lo> Switch tab: Alt+Tab | Help: F1

In this case, typo found in kickstart file. –only-user

  • Wrong
ignoredisk --only-user=vda
  • Correct
ignoredisk --only-use=vda
root@controller:~# vim /root/c74.cfg
root@controller:~# virsh destroy c74
Domain c74 destroyed

root@controller:~# virsh undefine c74
Domain c74 has been undefined
root@controller:~# sh ./c74.sh

Starting install...
Retrieving file .treeinfo...                                                                                                                             |  354 B  00:00:00
Retrieving file vmlinuz...                                                                                                                               | 5.6 MB  00:00:00
Retrieving file initrd.img...                                                                                                                            |  46 MB  00:00:00
Creating domain...                                                                                                                                       |    0 B  00:00:02
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
root@controller:~# virsh list --all
 Id    Name                           State
----------------------------------------------------
 3     c74                            running
root@controller:~# virt-viewer c74
MobaXterm X11 proxy: Unsupported authorisation protocol
Failed to connect to Mir: Failed to connect to server socket: No such file or directory
Unable to init server: Could not connect: Connection refused
Cannot open display:
Run 'virt-viewer --help' to see a full list of available command line options

still stuck.

root@controller:~# virsh destroy c74 && virsh undefine c74
Domain c74 destroyed

Domain c74 has been undefined
root@controller:~# sh /root/c74.sh
WARNING  No console to launch for the guest, defaulting to --wait -1

Starting install...
Retrieving file .treeinfo...                                                                                                                             |  354 B  00:00:00
Retrieving file vmlinuz...                                                                                                                               | 5.6 MB  00:00:00
Retrieving file initrd.img...                                                                                                                            |  46 MB  00:00:00
ERROR    unsupported configuration: unknown graphics device type 'none'
Domain installation does not appear to have been successful.
If it was, you can restart your domain by running:
  virsh --connect qemu:///system start c74
otherwise, please restart your installation.
root@controller:~# sh /root/c74.sh

Starting install...
Retrieving file .treeinfo...                                                                                                                             |  354 B  00:00:00
Retrieving file vmlinuz...                                                                                                                               | 5.6 MB  00:00:00
Retrieving file initrd.img...                                                                                                                            |  46 MB  00:00:00
Creating domain...                                                                                                                                       |    0 B  00:00:01
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
root@controller:~# virsh console c74
Unknown command: xdonfig
root@controller:~# virsh destroy c74 && virsh undefine c74
Domain c74 destroyed

Domain c74 has been undefined

root@controller:~# vim /root/c74.cfg
root@controller:~# sh /root/c74.sh ; virsh console c74

Starting installer, one moment...
anaconda 21.48.22.121-1 for CentOS 7 started.
 * installation log files are stored in /tmp during the installation
 * shell is available on TTY2
 * when reporting a bug add logs from /tmp as separate text/plain attachments
10:04:59 Not asking for VNC because of an automated install
10:04:59 Not asking for VNC because text mode was explicitly asked for in kickstart

Starting automated install..================================================================================
================================================================================

Question

You have specified that the package 'sed -i -e '/HWADDR=/d' /etc/sysconfig
/network-scripts/ifcfg-eth0' should be installed.  This package does not exist.
Would you like to ignore this package and continue with installation?

Please respond 'yes' or 'no':
root@controller:~# virsh destroy c74 && virsh undefine c74
Domain c74 destroyed

Domain c74 has been undefined

root@controller:~# vim /root/c74.cfg
root@controller:~# sh /root/c74.sh ; virsh console c74

Installing iwl6050-firmware (280/294)
Installing iwl2030-firmware (281/294)
Installing iwl6000g2a-firmware (282/294)
Installing iwl7265-firmware (283/294)
Installing iwl5000-firmware (284/294)
Installing rootfiles (285/294)
Installing ivtv-firmware (286/294)
Installing iwl1000-firmware (287/294)
Installing iwl100-firmware (288/294)
Installing iwl4965-firmware (289/294)
Installing iwl5150-firmware (290/294)
Installing iwl2000-firmware (291/294)
Installing iwl105-firmware (292/294)
Installing iwl3945-firmware (293/294)
Installing iwl6000-firmware (294/294)
Performing post-installation setup tasks
Installing boot loader
.
Performing post-installation setup tasks
.

Configuring installed system
.
Writing network configuration
.
Creating users
.
Configuring addons
.
Generating initramfs
.
Running post-installation scripts
.

[anaconda] 1:main* 2:shell  3:log  4:storage-lo> Switch tab: Alt+Tab | Help: F1
[terminated]
[  OK  ] Started Show Plymouth Power Off Screen.
[  OK  ] Stopped Anaconda.
[  OK  ] Stopped target Anaconda System Services.
         Stopping System Logging Service...
         Stopping Service enabling compressing RAM with zRam...
         Stopping Login Service...
[  OK  ] Stopped System Logging Service.
[  OK  ] Stopped Login Service.
[  OK  ] Deactivated swap /dev/zram0.
[  OK  ] Stopped Service enabling compressing RAM with zRam.
[  OK  ] Stopped Availability of block devices.
         Stopping Logout off all iSCSI sessions on shutdown...
[  OK  ] Stopped Logout off all iSCSI sessions on shutdown.
[  OK  ] Stopped target Network.
         Stopping Network Manager...
[  OK  ] Stopped Network Manager.
         Stopping D-Bus System Message Bus...
[  OK  ] Stopped D-Bus System Message Bus.
[  OK  ] Stopped target Basic System.
[  OK  ] Stopped target Sockets.
[  OK  ] Closed Open-iSCSI iscsid Socket.
[  OK  ] Closed Open-iSCSI iscsiuio Socket.
[  OK  ] Stopped target Paths.
[  OK  ] Stopped target Slices.
[  OK  ] Removed slice User and Session Slice.
[  OK  ] Closed D-Bus System Message Bus Socket.
[  OK  ] Stopped target System Initialization.
[  OK  ] Stopped Apply Kernel Variables.
         Stopping Apply Kernel Variables...
[  OK  ] Stopped Update is Completed.
         Stopping Update is Completed...
[  OK  ] Stopped Rebuild Journal Catalog.
         Stopping Rebuild Journal Catalog...
         Stopping Update UTMP about System Boot/Shutdown...
         Stopping Load/Save Random Seed...
[  OK  ] Stopped Setup Virtual Console.
         Stopping Setup Virtual Console...
[  OK  ] Stopped Rebuild Hardware Database.
         Stopping Rebuild Hardware Database...
[  OK  ] Stopped target Encrypted Volumes.
[  OK  ] Stopped Load/Save Random Seed.
[  OK  ] Stopped Update UTMP about System Boot/Shutdown.
[  OK  ] Stopped Create Volatile Files and Directories.
         Stopping Create Volatile Files and Directories...
[  OK  ] Stopped Import network configuration from initramfs.
         Stopping Import network configuration from initramfs...
[  OK  ] Stopped target Local File Systems.
         Unmounting /mnt/sysimage/run...
         Unmounting /mnt/sysimage/dev/pts...
         Unmounting /mnt/sysimage/boot...
         Unmounting /run/install/repo...
         Unmounting /mnt/sysimage/proc...
         Unmounting /mnt/sysimage/sys...
[  OK  ] Stopped Configure read-only root support.
         Stopping Configure read-only root support...
         Unmounting Temporary Directory...
         Unmounting /mnt/sysimage/dev/shm...
         Unmounting Configuration File System...
[  OK  ] Unmounted /mnt/sysimage/run.
[  OK  ] Unmounted /mnt/sysimage/dev/pts.
[  OK  ] Failed unmounting /run/install/repo.
[  OK  ] Unmounted Temporary Directory.
[  OK  ] Unmounted /mnt/sysimage/dev/shm.
[  OK  ] Unmounted /mnt/sysimage/proc.
[  OK  ] Unmounted /mnt/sysimage/sys.
[  OK  ] Unmounted Configuration File System.
[  OK  ] Stopped target Swap.
         Deactivating swap /dev/vda3...
         Unmounting /mnt/sysimage/dev...
[  OK  ] Unmounted /mnt/sysimage/boot.
[  OK  ] Deactivated swap /dev/disk/by-uuid/...290-b2e1-4667-a503-6ef2ba397ded.
[  OK  ] Deactivated swap /dev/disk/by-path/virtio-pci-0000:00:07.0-part3.
[  OK  ] Deactivated swap /dev/vda3.
[  OK  ] Unmounted /mnt/sysimage/dev.
         Unmounting /mnt/sysimage...
[  OK  ] Unmounted /mnt/sysimage.
[  OK  ] Reached target Unmount All Filesystems.
[  OK  ] Stopped target Local File Systems (Pre).
         Stopping Monitoring of LVM2 mirrors... dmeventd or progress polling...
[  OK  ] Stopped Create Static Device Nodes in /dev.
         Stopping Create Static Device Nodes in /dev...
[  OK  ] Stopped Remount Root and Kernel File Systems.
         Stopping Remount Root and Kernel File Systems...
[  OK  ] Stopped Monitoring of LVM2 mirrors,...ng dmeventd or progress polling.
         Stopping LVM2 metadata daemon...
[  OK  ] Stopped LVM2 metadata daemon.
[  OK  ] Started Restore /run/initramfs.
[  OK  ] Reached target Shutdown.
dracut Warning: Killing all remaining processes
Powering off.
[  403.121241] Power down.

root@controller:~#

succeeded…

root@controller:~# virsh list --all
 Id    Name                           State
----------------------------------------------------
 -     c74                            shut off

root@controller:~# virsh list --inactive
 Id    Name                           State
----------------------------------------------------
 -     c74                            shut off
root@controller:~# ls -lh /var/lib/libvirt/images/
total 6.1G
-rw------- 1 root         root  11G Apr 22 20:35 c74.qcow2
-rw-r--r-- 1 libvirt-qemu kvm  4.3G Sep  6  2017 CentOS-7-x86_64-DVD-1708.iso
-rw-r--r-- 1 root         root 277M Apr 18 18:28 ubuntu-16.04-server-cloudimg-amd64-disk1.img
openstack image create "CentOS 7.4 1708" \
  --file /var/lib/libvirt/images/c74.qcow2 \
  --disk-format qcow2 \
  --container-format bare \
  --public
root@controller:~# . /root/admin-openrc
root@controller:~# openstack image create "CentOS 7.4 1708" \
>   --file /var/lib/libvirt/images/c74.qcow2 \
>   --disk-format qcow2 \
>   --container-format bare \
>   --public
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| checksum         | 522e87e05648cacdace767683d9c5f7b                     |
| container_format | bare                                                 |
| created_at       | 2018-04-22T21:34:37Z                                 |
| disk_format      | qcow2                                                |
| file             | /v2/images/bbe05671-6728-45dd-9468-6d4b585b57c7/file |
| id               | bbe05671-6728-45dd-9468-6d4b585b57c7                 |
| min_disk         | 0                                                    |
| min_ram          | 0                                                    |
| name             | CentOS 7.4 1708                                      |
| owner            | dd0252d2463045a3b0634604959edb9d                     |
| protected        | False                                                |
| schema           | /v2/schemas/image                                    |
| size             | 10739318784                                          |
| status           | active                                               |
| tags             |                                                      |
| updated_at       | 2018-04-22T21:37:59Z                                 |
| virtual_size     | None                                                 |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
root@controller:~# openstack image list
+--------------------------------------+-----------------+--------+
| ID                                   | Name            | Status |
+--------------------------------------+-----------------+--------+
| bbe05671-6728-45dd-9468-6d4b585b57c7 | CentOS 7.4 1708 | active |
| 381135e0-b56e-4fc1-8c7c-a5b9cd427ba1 | cirros          | active |
+--------------------------------------+-----------------+--------+
  • Ubuntu Server 16.04 LTS
openstack image create "Ubuntu Server 16.04 LTS" \
  --file /var/lib/libvirt/images/ubuntu-16.04-server-cloudimg-amd64-disk1.img \
  --disk-format qcow2 \
  --container-format bare \
  --public
root@controller:~# openstack image create "Ubuntu Server 16.04 LTS" \
>   --file /var/lib/libvirt/images/ubuntu-16.04-server-cloudimg-amd64-disk1.img \
>   --disk-format qcow2 \
>   --container-format bare \
>   --public
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| checksum         | 0857c6330be27fe0df93a81c85d8fa50                     |
| container_format | bare                                                 |
| created_at       | 2018-04-22T21:54:54Z                                 |
| disk_format      | qcow2                                                |
| file             | /v2/images/482fb923-5c46-4091-93ab-e61348d3d35e/file |
| id               | 482fb923-5c46-4091-93ab-e61348d3d35e                 |
| min_disk         | 0                                                    |
| min_ram          | 0                                                    |
| name             | Ubuntu Server 16.04 LTS                              |
| owner            | dd0252d2463045a3b0634604959edb9d                     |
| protected        | False                                                |
| schema           | /v2/schemas/image                                    |
| size             | 290127872                                            |
| status           | active                                               |
| tags             |                                                      |
| updated_at       | 2018-04-22T21:54:55Z                                 |
| virtual_size     | None                                                 |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
root@controller:~# openstack image list
+--------------------------------------+-------------------------+--------+
| ID                                   | Name                    | Status |
+--------------------------------------+-------------------------+--------+
| 482fb923-5c46-4091-93ab-e61348d3d35e | Ubuntu Server 16.04 LTS | active |
| bbe05671-6728-45dd-9468-6d4b585b57c7 | CentOS 7.4 1708         | active |
| 381135e0-b56e-4fc1-8c7c-a5b9cd427ba1 | cirros                  | active |
+--------------------------------------+-------------------------+--------+
root@controller:~# exit
logout
wnoguchi@controller:~$ exit
exit
Script done, file is /home/wnoguchi/logs/term/20180422_174052_wnoguchi.log

Take Snapshot Build and Register CentOS 7.4 1708, Ubuntu Server 16.04 LTS Cloud Image

Compute Service (Nova)

Install and configure controller node

OpenStack Docs: Install and configure controller node

  • Create database
CREATE DATABASE nova_api;
CREATE DATABASE nova;
 
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
  IDENTIFIED BY 'password1234';
 
FLUSH PRIVILEGES;
root@controller:~# export WELL_KNOWN_PASSWORD=password1234
root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 32
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye

I want to know MariaDB user list.

root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 33
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> SELECT User, Host, Password FROM mysql.user;
+----------+-----------+-------------------------------------------+
| User     | Host      | Password                                  |
+----------+-----------+-------------------------------------------+
| root     | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| keystone | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| keystone | %         | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| glance   | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| glance   | %         | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| nova     | localhost | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
| nova     | %         | *D65798AAC0E5C6DF3F320F8A30E026E7EBD73A95 |
+----------+-----------+-------------------------------------------+
7 rows in set (0.00 sec)

MariaDB [(none)]> \q
Bye
  • Load admin environmental variables
root@controller:~# . /root/admin-openrc
  • Create Nova user
root@controller:~# openstack user create --domain default --password $WELL_KNOWN_PASSWORD nova
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 2c272c534f814e8c8838da32c00bc3ad |
| enabled   | True                             |
| id        | 68a64ebe0d6f4defa8473587d019b814 |
| name      | nova                             |
+-----------+----------------------------------+
  • Add the admin role to the nova user and service project:
root@controller:~# openstack role add --project service --user nova admin
root@controller:~#
  • Create the nova service entity:
root@controller:~# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | 5580144f334f4098b4a5f219d225fe96 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+
  • Create the Compute service API endpoints:
root@controller:~# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | 7f88bddc98d441f29579106cc972848c          |
| interface    | public                                    |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 5580144f334f4098b4a5f219d225fe96          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
root@controller:~# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | 6d78a57d862a453590ba339a3b63e384          |
| interface    | internal                                  |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 5580144f334f4098b4a5f219d225fe96          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
root@controller:~# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | ccc8fe2667f2441ab31321ca661e883c          |
| interface    | admin                                     |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 5580144f334f4098b4a5f219d225fe96          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+

Install and configure components(Controller)

apt-get install -y nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler
root@controller:~# apt-get install -y nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  libjs-swfobject nova-common novnc os-brick-common python-boto python-ecdsa python-nova python-novnc python-os-brick python-os-win python-oslo.reports python-oslo.rootwrap
  python-oslo.versionedobjects python-paramiko python-psutil python-rfc3986 websockify
Suggested packages:
  python-ldap python-os-brick-doc python-os-win-doc python-oslo.reports-doc python-oslo.versionedobjects-doc python-psutil-doc
The following NEW packages will be installed:
  libjs-swfobject nova-api nova-common nova-conductor nova-consoleauth nova-novncproxy nova-scheduler novnc os-brick-common python-boto python-ecdsa python-nova python-novnc
  python-os-brick python-os-win python-oslo.reports python-oslo.rootwrap python-oslo.versionedobjects python-paramiko python-psutil python-rfc3986 websockify
0 upgraded, 22 newly installed, 0 to remove and 0 not upgraded.
Need to get 3,902 kB of archives.
After this operation, 31.5 MB of additional disk space will be used.
Get:1 http://jp.archive.ubuntu.com/ubuntu xenial/universe amd64 libjs-swfobject all 2.2+dfsg-1 [8,474 B]
Get:2 http://jp.archive.ubuntu.com/ubuntu xenial/universe amd64 python-novnc all 1:0.4+dfsg+1+20131010+gitf68af8af3d-4 [19.2 kB]
Get:3 http://jp.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 websockify amd64 0.6.1+dfsg1-1ubuntu1 [38.0 kB]
Get:4 http://jp.archive.ubuntu.com/ubuntu xenial/universe amd64 novnc all 1:0.4+dfsg+1+20131010+gitf68af8af3d-4 [112 kB]
Get:5 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-rfc3986 all 0.2.2-0ubuntu0.16.04.1 [11.9 kB]
Get:6 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 os-brick-common all 1.2.0-2ubuntu0.3 [4,090 B]
Get:7 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-boto all 2.38.0-1ubuntu1 [747 kB]
Get:8 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-ecdsa all 0.13-2 [34.0 kB]
Get:9 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-os-brick all 1.2.0-2ubuntu0.3 [61.7 kB]
Get:10 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-os-win all 0.4.1-2 [101 kB]
Get:11 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-psutil amd64 3.4.2-1 [55.2 kB]
Get:12 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-oslo.reports all 1.7.0-2 [24.1 kB]
Get:13 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-oslo.rootwrap all 4.1.0-2 [21.0 kB]
Get:14 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 python-oslo.versionedobjects all 1.8.0-1 [49.2 kB]
Get:15 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-paramiko all 1.16.0-1ubuntu0.1 [109 kB]
Get:16 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python-nova all 2:13.1.4-0ubuntu4.2 [2,461 kB]
Get:17 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-common all 2:13.1.4-0ubuntu4.2 [12.2 kB]
Get:18 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-api all 2:13.1.4-0ubuntu4.2 [6,778 B]
Get:19 http://jp.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 nova-conductor all 2:13.1.4-0ubuntu4.2 [6,426 B]
Get:20 http://jp.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 nova-consoleauth all 2:13.1.4-0ubuntu4.2 [6,508 B]
Get:21 http://jp.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 nova-novncproxy all 2:13.1.4-0ubuntu4.2 [6,456 B]
Get:22 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-scheduler all 2:13.1.4-0ubuntu4.2 [6,388 B]
Fetched 3,902 kB in 1s (3,285 kB/s)
Selecting previously unselected package libjs-swfobject.
(Reading database ... 124600 files and directories currently installed.)
Preparing to unpack .../libjs-swfobject_2.2+dfsg-1_all.deb ...
Unpacking libjs-swfobject (2.2+dfsg-1) ...
Selecting previously unselected package python-novnc.
Preparing to unpack .../python-novnc_1%3a0.4+dfsg+1+20131010+gitf68af8af3d-4_all.deb ...
Unpacking python-novnc (1:0.4+dfsg+1+20131010+gitf68af8af3d-4) ...
Selecting previously unselected package websockify.
Preparing to unpack .../websockify_0.6.1+dfsg1-1ubuntu1_amd64.deb ...
Unpacking websockify (0.6.1+dfsg1-1ubuntu1) ...
Selecting previously unselected package novnc.
Preparing to unpack .../novnc_1%3a0.4+dfsg+1+20131010+gitf68af8af3d-4_all.deb ...
Unpacking novnc (1:0.4+dfsg+1+20131010+gitf68af8af3d-4) ...
Selecting previously unselected package python-rfc3986.
Preparing to unpack .../python-rfc3986_0.2.2-0ubuntu0.16.04.1_all.deb ...
Unpacking python-rfc3986 (0.2.2-0ubuntu0.16.04.1) ...
Selecting previously unselected package os-brick-common.
Preparing to unpack .../os-brick-common_1.2.0-2ubuntu0.3_all.deb ...
Unpacking os-brick-common (1.2.0-2ubuntu0.3) ...
Selecting previously unselected package python-boto.
Preparing to unpack .../python-boto_2.38.0-1ubuntu1_all.deb ...
Unpacking python-boto (2.38.0-1ubuntu1) ...
Selecting previously unselected package python-ecdsa.
Preparing to unpack .../python-ecdsa_0.13-2_all.deb ...
Unpacking python-ecdsa (0.13-2) ...
Selecting previously unselected package python-os-brick.
Preparing to unpack .../python-os-brick_1.2.0-2ubuntu0.3_all.deb ...
Unpacking python-os-brick (1.2.0-2ubuntu0.3) ...
Selecting previously unselected package python-os-win.
Preparing to unpack .../python-os-win_0.4.1-2_all.deb ...
Unpacking python-os-win (0.4.1-2) ...
Selecting previously unselected package python-psutil.
Preparing to unpack .../python-psutil_3.4.2-1_amd64.deb ...
Unpacking python-psutil (3.4.2-1) ...
Selecting previously unselected package python-oslo.reports.
Preparing to unpack .../python-oslo.reports_1.7.0-2_all.deb ...
Unpacking python-oslo.reports (1.7.0-2) ...
Selecting previously unselected package python-oslo.rootwrap.
Preparing to unpack .../python-oslo.rootwrap_4.1.0-2_all.deb ...
Unpacking python-oslo.rootwrap (4.1.0-2) ...
Selecting previously unselected package python-oslo.versionedobjects.
Preparing to unpack .../python-oslo.versionedobjects_1.8.0-1_all.deb ...
Unpacking python-oslo.versionedobjects (1.8.0-1) ...
Selecting previously unselected package python-paramiko.
Preparing to unpack .../python-paramiko_1.16.0-1ubuntu0.1_all.deb ...
Unpacking python-paramiko (1.16.0-1ubuntu0.1) ...
Selecting previously unselected package python-nova.
Preparing to unpack .../python-nova_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking python-nova (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-common.
Preparing to unpack .../nova-common_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-common (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-api.
Preparing to unpack .../nova-api_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-api (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-conductor.
Preparing to unpack .../nova-conductor_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-conductor (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-consoleauth.
Preparing to unpack .../nova-consoleauth_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-consoleauth (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-novncproxy.
Preparing to unpack .../nova-novncproxy_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-novncproxy (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-scheduler.
Preparing to unpack .../nova-scheduler_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-scheduler (2:13.1.4-0ubuntu4.2) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Setting up libjs-swfobject (2.2+dfsg-1) ...
Setting up python-novnc (1:0.4+dfsg+1+20131010+gitf68af8af3d-4) ...
Setting up websockify (0.6.1+dfsg1-1ubuntu1) ...
Setting up novnc (1:0.4+dfsg+1+20131010+gitf68af8af3d-4) ...
Setting up python-rfc3986 (0.2.2-0ubuntu0.16.04.1) ...
Setting up os-brick-common (1.2.0-2ubuntu0.3) ...
Setting up python-boto (2.38.0-1ubuntu1) ...
Setting up python-ecdsa (0.13-2) ...
Setting up python-os-brick (1.2.0-2ubuntu0.3) ...
Setting up python-os-win (0.4.1-2) ...
Setting up python-psutil (3.4.2-1) ...
Setting up python-oslo.reports (1.7.0-2) ...
Setting up python-oslo.rootwrap (4.1.0-2) ...
update-alternatives: using /usr/bin/python2-oslo-rootwrap to provide /usr/bin/oslo-rootwrap (oslo-rootwrap) in auto mode
update-alternatives: using /usr/bin/python2-oslo-rootwrap-daemon to provide /usr/bin/oslo-rootwrap-daemon (oslo-rootwrap-daemon) in auto mode
Setting up python-oslo.versionedobjects (1.8.0-1) ...
Setting up python-paramiko (1.16.0-1ubuntu0.1) ...
Setting up python-nova (2:13.1.4-0ubuntu4.2) ...
Setting up nova-common (2:13.1.4-0ubuntu4.2) ...

(snip)

2018-04-23 08:59:43.985 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:43.985 4954 INFO migrate.versioning.api [-] 259 -> 260...
2018-04-23 08:59:43.994 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:43.994 4954 INFO migrate.versioning.api [-] 260 -> 261...
2018-04-23 08:59:44.003 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.004 4954 INFO migrate.versioning.api [-] 261 -> 262...
2018-04-23 08:59:44.012 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.013 4954 INFO migrate.versioning.api [-] 262 -> 263...
2018-04-23 08:59:44.022 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.022 4954 INFO migrate.versioning.api [-] 263 -> 264...
2018-04-23 08:59:44.035 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.035 4954 INFO migrate.versioning.api [-] 264 -> 265...
2018-04-23 08:59:44.067 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.067 4954 INFO migrate.versioning.api [-] 265 -> 266...
2018-04-23 08:59:44.086 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.087 4954 INFO migrate.versioning.api [-] 266 -> 267...
2018-04-23 08:59:44.499 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.500 4954 INFO migrate.versioning.api [-] 267 -> 268...
2018-04-23 08:59:44.540 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.541 4954 INFO migrate.versioning.api [-] 268 -> 269...
2018-04-23 08:59:44.574 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.574 4954 INFO migrate.versioning.api [-] 269 -> 270...
2018-04-23 08:59:44.608 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.608 4954 INFO migrate.versioning.api [-] 270 -> 271...
2018-04-23 08:59:44.915 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.916 4954 INFO migrate.versioning.api [-] 271 -> 272...
2018-04-23 08:59:44.924 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:44.925 4954 INFO migrate.versioning.api [-] 272 -> 273...
2018-04-23 08:59:45.676 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.677 4954 INFO migrate.versioning.api [-] 273 -> 274...
2018-04-23 08:59:45.710 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.710 4954 INFO migrate.versioning.api [-] 274 -> 275...
2018-04-23 08:59:45.742 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.743 4954 INFO migrate.versioning.api [-] 275 -> 276...
2018-04-23 08:59:45.778 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.779 4954 INFO migrate.versioning.api [-] 276 -> 277...
2018-04-23 08:59:45.811 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.811 4954 INFO migrate.versioning.api [-] 277 -> 278...
2018-04-23 08:59:45.885 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.886 4954 INFO migrate.versioning.api [-] 278 -> 279...
2018-04-23 08:59:45.925 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.925 4954 INFO migrate.versioning.api [-] 279 -> 280...
2018-04-23 08:59:45.982 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.983 4954 INFO migrate.versioning.api [-] 280 -> 281...
2018-04-23 08:59:45.992 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:45.993 4954 INFO migrate.versioning.api [-] 281 -> 282...
2018-04-23 08:59:46.003 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.004 4954 INFO migrate.versioning.api [-] 282 -> 283...
2018-04-23 08:59:46.013 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.013 4954 INFO migrate.versioning.api [-] 283 -> 284...
2018-04-23 08:59:46.021 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.022 4954 INFO migrate.versioning.api [-] 284 -> 285...
2018-04-23 08:59:46.030 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.030 4954 INFO migrate.versioning.api [-] 285 -> 286...
2018-04-23 08:59:46.038 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.039 4954 INFO migrate.versioning.api [-] 286 -> 287...
2018-04-23 08:59:46.048 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.048 4954 INFO migrate.versioning.api [-] 287 -> 288...
2018-04-23 08:59:46.059 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.060 4954 INFO migrate.versioning.api [-] 288 -> 289...
2018-04-23 08:59:46.068 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.069 4954 INFO migrate.versioning.api [-] 289 -> 290...
2018-04-23 08:59:46.077 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.078 4954 INFO migrate.versioning.api [-] 290 -> 291...
2018-04-23 08:59:46.105 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.106 4954 INFO migrate.versioning.api [-] 291 -> 292...
2018-04-23 08:59:46.219 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.220 4954 INFO migrate.versioning.api [-] 292 -> 293...
2018-04-23 08:59:46.271 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.271 4954 INFO migrate.versioning.api [-] 293 -> 294...
2018-04-23 08:59:46.302 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.302 4954 INFO migrate.versioning.api [-] 294 -> 295...
2018-04-23 08:59:46.335 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.336 4954 INFO migrate.versioning.api [-] 295 -> 296...
2018-04-23 08:59:46.345 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.346 4954 INFO migrate.versioning.api [-] 296 -> 297...
2018-04-23 08:59:46.385 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.385 4954 INFO migrate.versioning.api [-] 297 -> 298...
2018-04-23 08:59:46.394 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.394 4954 INFO migrate.versioning.api [-] 298 -> 299...
2018-04-23 08:59:46.428 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.428 4954 INFO migrate.versioning.api [-] 299 -> 300...
2018-04-23 08:59:46.467 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.467 4954 INFO migrate.versioning.api [-] 300 -> 301...
2018-04-23 08:59:46.510 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.510 4954 INFO migrate.versioning.api [-] 301 -> 302...
2018-04-23 08:59:46.545 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.546 4954 INFO migrate.versioning.api [-] 302 -> 303...
2018-04-23 08:59:46.555 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.555 4954 INFO migrate.versioning.api [-] 303 -> 304...
2018-04-23 08:59:46.565 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.565 4954 INFO migrate.versioning.api [-] 304 -> 305...
2018-04-23 08:59:46.573 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.573 4954 INFO migrate.versioning.api [-] 305 -> 306...
2018-04-23 08:59:46.582 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.582 4954 INFO migrate.versioning.api [-] 306 -> 307...
2018-04-23 08:59:46.591 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.591 4954 INFO migrate.versioning.api [-] 307 -> 308...
2018-04-23 08:59:46.599 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.599 4954 INFO migrate.versioning.api [-] 308 -> 309...
2018-04-23 08:59:46.610 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.611 4954 INFO migrate.versioning.api [-] 309 -> 310...
2018-04-23 08:59:46.619 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.620 4954 INFO migrate.versioning.api [-] 310 -> 311...
2018-04-23 08:59:46.628 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.629 4954 INFO migrate.versioning.api [-] 311 -> 312...
2018-04-23 08:59:46.637 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.637 4954 INFO migrate.versioning.api [-] 312 -> 313...
2018-04-23 08:59:46.678 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.678 4954 INFO migrate.versioning.api [-] 313 -> 314...
2018-04-23 08:59:46.735 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.735 4954 INFO migrate.versioning.api [-] 314 -> 315...
2018-04-23 08:59:46.822 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.822 4954 INFO migrate.versioning.api [-] 315 -> 316...
2018-04-23 08:59:46.853 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.853 4954 INFO migrate.versioning.api [-] 316 -> 317...
2018-04-23 08:59:46.881 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:46.881 4954 INFO migrate.versioning.api [-] 317 -> 318...
2018-04-23 08:59:47.049 4954 INFO migrate.versioning.api [-] done
2018-04-23 08:59:47.049 4954 INFO migrate.versioning.api [-] 318 -> 319...
2018-04-23 08:59:47.074 4954 INFO migrate.versioning.api [-] done
Setting up nova-api (2:13.1.4-0ubuntu4.2) ...
Setting up nova-conductor (2:13.1.4-0ubuntu4.2) ...
Setting up nova-consoleauth (2:13.1.4-0ubuntu4.2) ...
Setting up nova-novncproxy (2:13.1.4-0ubuntu4.2) ...
Setting up nova-scheduler (2:13.1.4-0ubuntu4.2) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...

Configure

All nodes in controller, compute node has /etc/nova/nova.conf.
In this section, mixing Nova Coordinator, Client Configuration.

  • Edit the /etc/nova/nova.conf file and complete the following actions:
root@controller:~# cp -p /etc/nova/nova.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/nova/nova.conf*
-rw-r----- 1 nova nova 462 Dec  9 05:44 /etc/nova/nova.conf
-rw-r----- 1 nova nova 462 Dec  9 05:44 /etc/nova/nova.conf.20180423090746
root@controller:~# vim /etc/nova/nova.conf
root@controller:~# diff -u /etc/nova/nova.conf{.*,}
--- /etc/nova/nova.conf.20180423090746  2017-12-09 05:44:43.000000000 +0900
+++ /etc/nova/nova.conf 2018-04-23 09:26:22.935718654 +0900
@@ -1,4 +1,5 @@
 [DEFAULT]
+my_ip = 192.168.200.134
 dhcpbridge_flagfile=/etc/nova/nova.conf
 dhcpbridge=/usr/bin/nova-dhcpbridge
 logdir=/var/log/nova
@@ -10,9 +11,44 @@
 ec2_private_dns_show_ip=True
 api_paste_config=/etc/nova/api-paste.ini
 enabled_apis=ec2,osapi_compute,metadata
+auth_strategy = keystone
+use_neutron = True
+firewall_driver = nova.virt.firewall.NoopFirewallDriver
+rpc_backend = rabbit

 [database]
-connection=sqlite:////var/lib/nova/nova.sqlite
+connection=mysql+pymysql://nova:password1234@controller/nova

 [api_database]
-connection=sqlite:////var/lib/nova/nova.sqlite
+connection=mysql+pymysql://nova:password1234@controller/nova_api
+
+[glance]
+api_servers = http://controller:9292
+
+[keystone_authtoken]
+auth_uri = http://controller:5000
+auth_url = http://controller:35357
+memcached_servers = controller:11211
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = nova
+password = password1234
+
+[oslo_concurrency]
+lock_path = /var/lib/nova/tmp
+
+[oslo_messaging_rabbit]
+rabbit_host = controller
+rabbit_userid = openstack
+rabbit_password = password1234
+
+[vnc]
+enabled=True
+keymap=ja
+vncserver_listen=0.0.0.0
+vncserver_listen = $my_ip
+vncserver_proxyclient_address = $my_ip
+novncproxy_base_url=http://controller:6080/vnc_auto.html
+

Overall configuration.

/etc/nova/nova.conf
[DEFAULT]
my_ip = 192.168.200.134
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
libvirt_use_virtio_for_bridges=True
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadata
auth_strategy = keystone
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
rpc_backend = rabbit
 
[database]
connection=mysql+pymysql://nova:password1234@controller/nova
 
[api_database]
connection=mysql+pymysql://nova:password1234@controller/nova_api
 
[glance]
api_servers = http://controller:9292
 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = password1234
 
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
 
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = password1234
 
[vnc]
enabled=True
keymap=ja
vncserver_listen=0.0.0.0
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
novncproxy_base_url=http://controller:6080/vnc_auto.html
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova
systemctl restart nova-api
systemctl restart nova-consoleauth
systemctl restart nova-scheduler
systemctl restart nova-conductor
systemctl restart nova-novncproxy
systemctl status nova-api
systemctl status nova-consoleauth
systemctl status nova-scheduler
systemctl status nova-conductor
systemctl status nova-novncproxy
systemctl enable nova-api
systemctl enable nova-consoleauth
systemctl enable nova-scheduler
systemctl enable nova-conductor
systemctl enable nova-novncproxy
root@controller:~# su -s /bin/sh -c "nova-manage api_db sync" nova
Option "logdir" from group "DEFAULT" is deprecated. Use option "log-dir" from group "DEFAULT".
Option "verbose" from group "DEFAULT" is deprecated for removal.  Its value may be silently ignored in the future.
2018-04-23 09:29:58.014 5885 INFO migrate.versioning.api [-] 0 -> 1...
2018-04-23 09:29:58.053 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.053 5885 INFO migrate.versioning.api [-] 1 -> 2...
2018-04-23 09:29:58.099 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.099 5885 INFO migrate.versioning.api [-] 2 -> 3...
2018-04-23 09:29:58.139 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.139 5885 INFO migrate.versioning.api [-] 3 -> 4...
2018-04-23 09:29:58.168 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.168 5885 INFO migrate.versioning.api [-] 4 -> 5...
2018-04-23 09:29:58.242 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.243 5885 INFO migrate.versioning.api [-] 5 -> 6...
2018-04-23 09:29:58.295 5885 INFO migrate.versioning.api [-] done
2018-04-23 09:29:58.295 5885 INFO migrate.versioning.api [-] 6 -> 7...
2018-04-23 09:29:58.333 5885 INFO migrate.versioning.api [-] done

root@controller:~# su -s /bin/sh -c "nova-manage db sync" nova
Option "logdir" from group "DEFAULT" is deprecated. Use option "log-dir" from group "DEFAULT".
Option "verbose" from group "DEFAULT" is deprecated for removal.  Its value may be silently ignored in the future.
2018-04-23 09:30:09.402 5895 INFO migrate.versioning.api [-] 215 -> 216...
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:158: Warning: Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will
 be disallowed in a future release.
  result = self._query(query)
2018-04-23 09:30:12.811 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:12.811 5895 INFO migrate.versioning.api [-] 216 -> 217...
2018-04-23 09:30:12.815 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:12.815 5895 INFO migrate.versioning.api [-] 217 -> 218...
2018-04-23 09:30:12.823 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:12.823 5895 INFO migrate.versioning.api [-] 218 -> 219...
2018-04-23 09:30:12.829 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:12.829 5895 INFO migrate.versioning.api [-] 219 -> 220...

(snip)

2018-04-23 09:30:13.630 5895 INFO migrate.versioning.api [-] 243 -> 244...
2018-04-23 09:30:13.660 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:13.660 5895 INFO migrate.versioning.api [-] 244 -> 245...
2018-04-23 09:30:13.881 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:13.881 5895 INFO migrate.versioning.api [-] 245 -> 246...
2018-04-23 09:30:13.924 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:13.925 5895 INFO migrate.versioning.api [-] 246 -> 247...
2018-04-23 09:30:14.044 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:14.044 5895 INFO migrate.versioning.api [-] 247 -> 248...
2018-04-23 09:30:14.052 5895 INFO 248_add_expire_reservations_index [-] Skipped adding reservations_deleted_expire_idx because an equivalent index already exists.
2018-04-23 09:30:14.057 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:14.057 5895 INFO migrate.versioning.api [-] 248 -> 249...
2018-04-23 09:30:14.075 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:14.075 5895 INFO migrate.versioning.api [-] 249 -> 250...
2018-04-23 09:30:14.104 5895 INFO migrate.versioning.api [-] done

(snip)

2018-04-23 09:30:15.908 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.908 5895 INFO migrate.versioning.api [-] 306 -> 307...
2018-04-23 09:30:15.913 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.913 5895 INFO migrate.versioning.api [-] 307 -> 308...
2018-04-23 09:30:15.917 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.917 5895 INFO migrate.versioning.api [-] 308 -> 309...
2018-04-23 09:30:15.922 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.922 5895 INFO migrate.versioning.api [-] 309 -> 310...
2018-04-23 09:30:15.928 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.928 5895 INFO migrate.versioning.api [-] 310 -> 311...
2018-04-23 09:30:15.932 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.933 5895 INFO migrate.versioning.api [-] 311 -> 312...
2018-04-23 09:30:15.939 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:15.939 5895 INFO migrate.versioning.api [-] 312 -> 313...
2018-04-23 09:30:15.999 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.000 5895 INFO migrate.versioning.api [-] 313 -> 314...
2018-04-23 09:30:16.112 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.112 5895 INFO migrate.versioning.api [-] 314 -> 315...
2018-04-23 09:30:16.362 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.362 5895 INFO migrate.versioning.api [-] 315 -> 316...
2018-04-23 09:30:16.408 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.408 5895 INFO migrate.versioning.api [-] 316 -> 317...
2018-04-23 09:30:16.454 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.455 5895 INFO migrate.versioning.api [-] 317 -> 318...
2018-04-23 09:30:16.650 5895 INFO migrate.versioning.api [-] done
2018-04-23 09:30:16.650 5895 INFO migrate.versioning.api [-] 318 -> 319...
2018-04-23 09:30:16.671 5895 INFO migrate.versioning.api [-] done
root@controller:~# systemctl restart nova-api
root@controller:~# systemctl restart nova-consoleauth
root@controller:~# systemctl restart nova-scheduler
root@controller:~# systemctl restart nova-conductor
root@controller:~# systemctl restart nova-novncproxy
root@controller:~# systemctl status nova-api
● nova-api.service - OpenStack Compute API
   Loaded: loaded (/lib/systemd/system/nova-api.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2018-04-23 09:31:24 JST; 1min 22s ago
  Process: 5924 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
  Process: 5920 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
 Main PID: 5929 (nova-api)
    Tasks: 17
   Memory: 539.2M
      CPU: 8.237s
   CGroup: /system.slice/nova-api.service
           ├─5929 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5941 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5942 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5943 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5944 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5945 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5946 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5947 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5948 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5963 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5964 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5965 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5966 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5967 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5968 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           ├─5969 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log
           └─5972 /usr/bin/python /usr/bin/nova-api --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-api.log

Apr 23 09:31:26 controller nova-api[5929]: 2018-04-23 09:31:26.943 5929 INFO nova.wsgi [-] metadata listening on 0.0.0.0:8775
Apr 23 09:31:26 controller nova-api[5929]: 2018-04-23 09:31:26.944 5929 INFO oslo_service.service [-] Starting 8 workers
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.238 5963 INFO nova.metadata.wsgi.server [req-f9fa3e53-b08d-4a2c-ac9c-2fdbe1b28175 - - - - -] (5963) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.242 5965 INFO nova.metadata.wsgi.server [req-dc35b7ac-da6d-4567-a90c-a1811a7da1ca - - - - -] (5965) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.246 5966 INFO nova.metadata.wsgi.server [req-a90900da-0282-487c-abd1-f1c7e40be4b0 - - - - -] (5966) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.247 5964 INFO nova.metadata.wsgi.server [req-e859b828-67f0-4c13-a5fd-f87a80872651 - - - - -] (5964) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.249 5968 INFO nova.metadata.wsgi.server [req-f92e3016-01c8-4ea5-becd-33c8180275d1 - - - - -] (5968) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.251 5967 INFO nova.metadata.wsgi.server [req-082b8abe-dc03-4885-839d-d78a88dc6379 - - - - -] (5967) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.268 5972 INFO nova.metadata.wsgi.server [req-7aa6234f-526b-42c1-a999-a8ec4df0d089 - - - - -] (5972) wsgi starting
Apr 23 09:31:27 controller nova-api[5929]: 2018-04-23 09:31:27.270 5969 INFO nova.metadata.wsgi.server [req-b633c474-127d-43f2-b782-46ba82fbd33d - - - - -] (5969) wsgi starting

root@controller:~# systemctl status nova-consoleauth ● nova-consoleauth.service - OpenStack Compute Console

 Loaded: loaded (/lib/systemd/system/nova-consoleauth.service; enabled; vendor preset: enabled)
 Active: active (running) since Mon 2018-04-23 09:32:59 JST; 4s ago
Process: 6123 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
Process: 6119 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)

Main PID: 6126 (nova-consoleaut)

  Tasks: 1
 Memory: 118.7M
    CPU: 2.162s
 CGroup: /system.slice/nova-consoleauth.service
         └─6126 /usr/bin/python /usr/bin/nova-consoleauth --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-consoleauth.log

Apr 23 09:32:59 controller systemd[1]: Starting OpenStack Compute Console… Apr 23 09:32:59 controller systemd[1]: Started OpenStack Compute Console. Apr 23 09:33:01 controller nova-consoleauth[6126]: Option “logdir” from group “DEFAULT” is deprecated. Use option “log-dir” from group “DEFAULT”. Apr 23 09:33:01 controller nova-consoleauth[6126]: Option “verbose” from group “DEFAULT” is deprecated for removal. Its value may be silently ignored in the future. Apr 23 09:33:01 controller nova-consoleauth[6126]: 2018-04-23 09:33:01.326 6126 WARNING oslo_reports.guru_meditation_report [-] Guru mediation now registers SIGUSR1 and SIGUSR2 Apr 23 09:33:01 controller nova-consoleauth[6126]: 2018-04-23 09:33:01.395 6126 INFO oslo_service.periodic_task [-] Skipping periodic task _periodic_update_dns because its inte Apr 23 09:33:01 controller nova-consoleauth[6126]: 2018-04-23 09:33:01.406 6126 INFO nova.service [-] Starting consoleauth node (version 13.1.4) root@controller:~# systemctl status nova-scheduler ● nova-scheduler.service - OpenStack Compute Scheduler

 Loaded: loaded (/lib/systemd/system/nova-scheduler.service; enabled; vendor preset: enabled)
 Active: active (running) since Mon 2018-04-23 09:31:57 JST; 1min 43s ago
Process: 6020 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
Process: 6014 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)

Main PID: 6026 (nova-scheduler)

  Tasks: 1
 Memory: 119.8M
    CPU: 2.284s
 CGroup: /system.slice/nova-scheduler.service
         └─6026 /usr/bin/python /usr/bin/nova-scheduler --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-scheduler.log

Apr 23 09:31:57 controller systemd[1]: Starting OpenStack Compute Scheduler… Apr 23 09:31:57 controller systemd[1]: Started OpenStack Compute Scheduler. Apr 23 09:31:59 controller nova-scheduler[6026]: Option “logdir” from group “DEFAULT” is deprecated. Use option “log-dir” from group “DEFAULT”. Apr 23 09:31:59 controller nova-scheduler[6026]: Option “verbose” from group “DEFAULT” is deprecated for removal. Its value may be silently ignored in the future. Apr 23 09:31:59 controller nova-scheduler[6026]: 2018-04-23 09:31:59.229 6026 WARNING oslo_reports.guru_meditation_report [-] Guru mediation now registers SIGUSR1 and SIGUSR2 b Apr 23 09:31:59 controller nova-scheduler[6026]: 2018-04-23 09:31:59.423 6026 INFO oslo_service.periodic_task [req-de2d5052-02a6-4d10-bf08-c9d7461a4ec3 - - - - -] Skipping peri Apr 23 09:31:59 controller nova-scheduler[6026]: 2018-04-23 09:31:59.444 6026 INFO nova.service [-] Starting scheduler node (version 13.1.4) root@controller:~# systemctl status nova-conductor ● nova-conductor.service - OpenStack Compute Conductor

 Loaded: loaded (/lib/systemd/system/nova-conductor.service; enabled; vendor preset: enabled)
 Active: active (running) since Mon 2018-04-23 09:32:18 JST; 1min 31s ago
Process: 6052 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
Process: 6049 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)

Main PID: 6055 (nova-conductor)

  Tasks: 9
 Memory: 359.3M
    CPU: 6.286s
 CGroup: /system.slice/nova-conductor.service
         ├─6055 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6067 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6068 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6069 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6070 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6071 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6072 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         ├─6073 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log
         └─6074 /usr/bin/python /usr/bin/nova-conductor --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-conductor.log

Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.967 6055 INFO oslo_service.periodic_task [-] Skipping periodic task _periodic_update_dns because its interv Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.969 6055 INFO oslo_service.service [req-eccecfdd-bd7e-48cd-aa3d-a58bd9824351 - - - - -] Starting 8 workers Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.976 6067 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.983 6068 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.985 6069 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:20 controller nova-conductor[6055]: 2018-04-23 09:32:20.993 6070 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:21 controller nova-conductor[6055]: 2018-04-23 09:32:20.997 6071 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:21 controller nova-conductor[6055]: 2018-04-23 09:32:21.000 6072 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:21 controller nova-conductor[6055]: 2018-04-23 09:32:21.009 6074 INFO nova.service [-] Starting conductor node (version 13.1.4) Apr 23 09:32:21 controller nova-conductor[6055]: 2018-04-23 09:32:21.024 6073 INFO nova.service [-] Starting conductor node (version 13.1.4) root@controller:~# systemctl status nova-novncproxy ● nova-novncproxy.service - OpenStack Compute novncproxy

 Loaded: loaded (/lib/systemd/system/nova-novncproxy.service; enabled; vendor preset: enabled)
 Active: active (running) since Mon 2018-04-23 09:32:24 JST; 1min 37s ago
Process: 6090 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
Process: 6086 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)

Main PID: 6094 (nova-novncproxy)

  Tasks: 1
 Memory: 93.1M
    CPU: 1.028s
 CGroup: /system.slice/nova-novncproxy.service
         └─6094 /usr/bin/python /usr/bin/nova-novncproxy --config-file=/etc/nova/nova.conf --log-file=/var/log/nova/nova-novncproxy.log

Apr 23 09:32:24 controller systemd[1]: Started OpenStack Compute novncproxy. Apr 23 09:32:25 controller nova-novncproxy[6094]: Option “logdir” from group “DEFAULT” is deprecated. Use option “log-dir” from group “DEFAULT”. Apr 23 09:32:25 controller nova-novncproxy[6094]: Option “verbose” from group “DEFAULT” is deprecated for removal. Its value may be silently ignored in the future. Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.915 6094 WARNING oslo_reports.guru_meditation_report [-] Guru mediation now registers SIGUSR1 and SIGUSR2 Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.916 6094 INFO nova.console.websocketproxy [-] WebSocket server settings: Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.916 6094 INFO nova.console.websocketproxy [-] - Listen on 0.0.0.0:6080 Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.916 6094 INFO nova.console.websocketproxy [-] - Flash security policy server Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.917 6094 INFO nova.console.websocketproxy [-] - Web server (no directory listings). Web root: /usr/share Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.917 6094 INFO nova.console.websocketproxy [-] - No SSL/TLS support (no cert file) Apr 23 09:32:25 controller nova-novncproxy[6094]: 2018-04-23 09:32:25.918 6094 INFO nova.console.websocketproxy [-] - proxying from 0.0.0.0:6080 to None:None </code>

root@controller:~# systemctl enable nova-api
Synchronizing state of nova-api.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-api
root@controller:~# systemctl enable nova-consoleauth
Synchronizing state of nova-consoleauth.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-consoleauth
root@controller:~# systemctl enable nova-scheduler
Synchronizing state of nova-scheduler.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-scheduler
root@controller:~# systemctl enable nova-conductor
Synchronizing state of nova-conductor.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-conductor
root@controller:~# systemctl enable nova-novncproxy
Synchronizing state of nova-novncproxy.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-novncproxy

Take Snapshot Install and configure components(Controller)

Install and configure components(Compute)

OpenStack Docs: Install and configure a compute node

  • Install the packages:
root@controller:~# apt-get install -y nova-compute
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  genisoimage kpartx nova-compute-kvm nova-compute-libvirt
Suggested packages:
  wodim cdrkit-doc guestmount multipath-tools sg3-utils sysfsutils
The following NEW packages will be installed:
  genisoimage kpartx nova-compute nova-compute-kvm nova-compute-libvirt
0 upgraded, 5 newly installed, 0 to remove and 5 not upgraded.
Need to get 356 kB of archives.
After this operation, 1,825 kB of additional disk space will be used.
Get:1 http://jp.archive.ubuntu.com/ubuntu xenial/main amd64 genisoimage amd64 9:1.1.11-3ubuntu1 [316 kB]
Get:2 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 kpartx amd64 0.5.0+git1.656f8865-5ubuntu2.5 [24.7 kB]
Get:3 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-compute-libvirt all 2:13.1.4-0ubuntu4.2 [2,816 B]
Get:4 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-compute-kvm all 2:13.1.4-0ubuntu4.2 [2,826 B]
Get:5 http://jp.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nova-compute all 2:13.1.4-0ubuntu4.2 [9,374 B]
Fetched 356 kB in 13s (26.1 kB/s)
Selecting previously unselected package genisoimage.
(Reading database ... 127875 files and directories currently installed.)
Preparing to unpack .../genisoimage_9%3a1.1.11-3ubuntu1_amd64.deb ...
Unpacking genisoimage (9:1.1.11-3ubuntu1) ...
Selecting previously unselected package kpartx.
Preparing to unpack .../kpartx_0.5.0+git1.656f8865-5ubuntu2.5_amd64.deb ...
Unpacking kpartx (0.5.0+git1.656f8865-5ubuntu2.5) ...
Selecting previously unselected package nova-compute-libvirt.
Preparing to unpack .../nova-compute-libvirt_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-compute-libvirt (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-compute-kvm.
Preparing to unpack .../nova-compute-kvm_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-compute-kvm (2:13.1.4-0ubuntu4.2) ...
Selecting previously unselected package nova-compute.
Preparing to unpack .../nova-compute_2%3a13.1.4-0ubuntu4.2_all.deb ...
Unpacking nova-compute (2:13.1.4-0ubuntu4.2) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Setting up genisoimage (9:1.1.11-3ubuntu1) ...
Setting up kpartx (0.5.0+git1.656f8865-5ubuntu2.5) ...
Setting up nova-compute-kvm (2:13.1.4-0ubuntu4.2) ...
Setting up nova-compute (2:13.1.4-0ubuntu4.2) ...
Setting up nova-compute-libvirt (2:13.1.4-0ubuntu4.2) ...
Adding user `nova' to group `libvirtd' ...
Adding user nova to group libvirtd
Done.
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
root@controller:~# ls -l /home/wnoguchi/logs/term/
total 5068
-rw-rw-r-- 1 wnoguchi wnoguchi    2438 Apr 17 07:17 20180417_071103_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi  110195 Apr 17 08:02 20180417_071928_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   20096 Apr 17 08:05 20180417_080330_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   55042 Apr 17 08:27 20180417_081100_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   58103 Apr 17 08:38 20180417_083218_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   97119 Apr 17 08:42 20180417_084006_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi  121125 Apr 17 09:16 20180417_084329_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   61663 Apr 17 21:53 20180417_092031_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi     133 Apr 18 07:52 20180418_075204_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   21986 Apr 18 08:03 20180418_075211_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi  392457 Apr 19 09:31 20180419_075045_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   73346 Apr 20 08:40 20180419_220104_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   82427 Apr 21 11:42 20180420_084800_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi  251222 Apr 22 13:14 20180421_121141_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi     358 Apr 22 13:19 20180422_131703_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi 1151489 Apr 22 17:37 20180422_133949_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   24095 Apr 22 17:39 20180422_173806_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi 2415423 Apr 23 06:57 20180422_174052_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi  108830 Apr 24 07:55 20180423_070714_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi   59631 Apr 24 08:04 20180424_080057_wnoguchi.log
-rw-rw-r-- 1 wnoguchi wnoguchi       0 Apr 24 08:13 20180424_081306_wnoguchi.log
  • Edit the /etc/nova/nova.conf file and complete the following actions:
root@controller:~# cp -p /etc/nova/nova.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/nova/nova.conf*
-rw-r----- 1 nova nova 1290 Apr 23 09:26 /etc/nova/nova.conf
-rw-r----- 1 nova nova  462 Dec  9 05:44 /etc/nova/nova.conf.20180423090746
-rw-r----- 1 nova nova 1290 Apr 23 09:26 /etc/nova/nova.conf.20180424081708
root@controller:~# vim /etc/nova/nova.conf
root@controller:~# diff -u /etc/nova/nova.conf{.20180423090746,}
--- /etc/nova/nova.conf.20180423090746  2017-12-09 05:44:43.000000000 +0900
+++ /etc/nova/nova.conf 2018-04-23 09:26:22.935718654 +0900
@@ -1,4 +1,5 @@
 [DEFAULT]
+my_ip = 192.168.200.134
 dhcpbridge_flagfile=/etc/nova/nova.conf
 dhcpbridge=/usr/bin/nova-dhcpbridge
 logdir=/var/log/nova
@@ -10,9 +11,44 @@
 ec2_private_dns_show_ip=True
 api_paste_config=/etc/nova/api-paste.ini
 enabled_apis=ec2,osapi_compute,metadata
+auth_strategy = keystone
+use_neutron = True
+firewall_driver = nova.virt.firewall.NoopFirewallDriver
+rpc_backend = rabbit

 [database]
-connection=sqlite:////var/lib/nova/nova.sqlite
+connection=mysql+pymysql://nova:password1234@controller/nova

 [api_database]
-connection=sqlite:////var/lib/nova/nova.sqlite
+connection=mysql+pymysql://nova:password1234@controller/nova_api
+
+[glance]
+api_servers = http://controller:9292
+
+[keystone_authtoken]
+auth_uri = http://controller:5000
+auth_url = http://controller:35357
+memcached_servers = controller:11211
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = nova
+password = password1234
+
+[oslo_concurrency]
+lock_path = /var/lib/nova/tmp
+
+[oslo_messaging_rabbit]
+rabbit_host = controller
+rabbit_userid = openstack
+rabbit_password = password1234
+
+[vnc]
+enabled=True
+keymap=ja
+vncserver_listen=0.0.0.0
+vncserver_listen = $my_ip
+vncserver_proxyclient_address = $my_ip
+novncproxy_base_url=http://controller:6080/vnc_auto.html
+
root@controller:~# diff -u /etc/nova/nova.conf{.20180424081708,}
root@controller:~#

Required field only.

/etc/nova/nova.conf
[DEFAULT]
auth_strategy = keystone
firewall_driver = nova.virt.firewall.NoopFirewallDriver
use_neutron = True
rpc_backend = rabbit
 
[glance]
api_servers = http://controller:9292
 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = password1234
 
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
 
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = password1234
 
[vnc]
enabled=True
keymap=ja
vncserver_listen=0.0.0.0
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
novncproxy_base_url=http://controller:6080/vnc_auto.html

Make sure Nested-VM enabled.

Determine whether your compute node supports hardware acceleration for virtual machines:

If this command returns a value of one or greater, your compute node supports hardware acceleration which typically requires no additional configuration.

If this command returns a value of zero, your compute node does not support hardware acceleration and you must configure libvirt to use QEMU instead of KVM.
root@controller:~# egrep -c '(vmx|svm)' /proc/cpuinfo
8
  • If no VT-x/AMD-V support available, edit the /etc/nova/nova-compute.conf file and complete the following actions:
root@controller:~# cp -p /etc/nova/nova-compute.conf /root/nova-compute.conf.`date +%Y%m%d%H%M%S`
root@controller:~# ls -l /root/nova-compute.conf.20180424081714
-rw------- 1 nova nova 71 Dec  9 10:50 /root/nova-compute.conf.20180424081714
root@controller:~# vim /etc/nova/nova-compute.conf
root@controller:~# diff -u /root/nova-compute.conf.20180424081714 /etc/nova/nova-compute.conf
--- /root/nova-compute.conf.20180424081714      2017-12-09 10:50:01.000000000 +0900
+++ /etc/nova/nova-compute.conf 2018-04-24 08:56:01.037970434 +0900
@@ -1,4 +1,4 @@
 [DEFAULT]
 compute_driver=libvirt.LibvirtDriver
 [libvirt]
-virt_type=kvm
+virt_type=qemu

All configuration.

/etc/nova/nova-compute.conf
[DEFAULT]
compute_driver=libvirt.LibvirtDriver
[libvirt]
virt_type=qemu
systemctl restart nova-compute
systemctl status nova-compute
systemctl enable nova-compute
root@controller:~# systemctl restart nova-compute
root@controller:~# systemctl status nova-compute
● nova-compute.service - OpenStack Compute
   Loaded: loaded (/lib/systemd/system/nova-compute.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-04-24 09:43:57 JST; 554ms ago
  Process: 4072 ExecStartPre=/bin/chown nova:nova /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
  Process: 4069 ExecStartPre=/bin/mkdir -p /var/lock/nova /var/log/nova /var/lib/nova (code=exited, status=0/SUCCESS)
 Main PID: 4075 (nova-compute)
    Tasks: 1
   Memory: 47.3M
      CPU: 551ms
   CGroup: /system.slice/nova-compute.service
           └─4075 /usr/bin/python /usr/bin/nova-compute --config-file=/etc/nova/nova.conf --config-file=/etc/nova/nova-compute.conf --log-file=/var/log/nova/nova-compute

Apr 24 09:43:57 controller systemd[1]: Starting OpenStack Compute...
Apr 24 09:43:57 controller systemd[1]: Started OpenStack Compute.
root@controller:~# systemctl enable nova-compute
Synchronizing state of nova-compute.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable nova-compute
root@controller:~# . /root/admin-openrc
root@controller:~# openstack compute service list
+----+------------------+------------+----------+---------+-------+----------------------------+
| Id | Binary           | Host       | Zone     | Status  | State | Updated At                 |
+----+------------------+------------+----------+---------+-------+----------------------------+
|  6 | nova-consoleauth | controller | internal | enabled | up    | 2018-04-24T00:44:49.000000 |
|  7 | nova-scheduler   | controller | internal | enabled | up    | 2018-04-24T00:44:48.000000 |
|  8 | nova-conductor   | controller | internal | enabled | up    | 2018-04-24T00:44:48.000000 |
|  9 | nova-compute     | controller | nova     | enabled | up    | 2018-04-24T00:44:55.000000 |
+----+------------------+------------+----------+---------+-------+----------------------------+

Take Snapshot Compute Service (Nova)

Networking Service (Neutron)

Install and configure controller node

  • Create database
CREATE DATABASE neutron;
 
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
  IDENTIFIED BY 'password1234';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
  IDENTIFIED BY 'password1234';
 
FLUSH PRIVILEGES;
root@controller:~# export WELL_KNOWN_PASSWORD=password1234
root@controller:~# mysql -u root -p$WELL_KNOWN_PASSWORD
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 253
Server version: 10.0.34-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
    ->   IDENTIFIED BY 'password1234';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
  • Load admin environmental variables
root@controller:~# . /root/admin-openrc
  • Create neutron user
root@controller:~# openstack user create --domain default --password $WELL_KNOWN_PASSWORD neutron
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 2c272c534f814e8c8838da32c00bc3ad |
| enabled   | True                             |
| id        | 320b2ccb7567488e885b9c23b5fe4498 |
| name      | neutron                          |
+-----------+----------------------------------+
  • Add the admin role to the neutron user:
root@controller:~# openstack role add --project service --user neutron admin
root@controller:~#
  • Create the neutron service entity:
root@controller:~# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | 46342613034e4933b3a70d2e152eac7b |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+
  • Create the Networking service API endpoints:
root@controller:~# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 22f23c10ba6e480aad30e027e85decbe |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 46342613034e4933b3a70d2e152eac7b |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0b61622cb8d94deaae9a07dbcf40ac14 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 46342613034e4933b3a70d2e152eac7b |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
root@controller:~# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 2976ebe6b7dc4247953875c2c1e2d1ac |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 46342613034e4933b3a70d2e152eac7b |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+

Install Neutron Packages

Option 2 augments option 1 with layer-3 services that support attaching instances to self-service networks. The demo or other unprivileged user can manage self-service networks including routers that provide connectivity between self-service and provider networks. Additionally, floating IP addresses provide connectivity to instances using self-service networks from external networks such as the Internet.

Self-service networks typically use overlay networks. Overlay network protocols such as VXLAN include additional headers that increase overhead and decrease space available for the payload or user data. Without knowledge of the virtual network infrastructure, instances attempt to send packets using the default Ethernet maximum transmission unit (MTU) of 1500 bytes. The Networking service automatically provides the correct MTU value to instances via DHCP. However, some cloud images do not use DHCP or ignore the DHCP MTU option and require configuration using metadata or a script.

In this case, choose Option 2: Self-service networks

apt-get -y install neutron-server neutron-plugin-ml2 \
  neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent \
  neutron-metadata-agent

Take Snapshot Create database, Install Neutron Packages Option 2: Self-service networks

  • Edit the /etc/nova/nova.conf file and complete the following actions:
root@controller:~# cp -p /etc/neutron/neutron.conf{,.`date +%Y%m%d%H%M%S`}
root@controller:~# ls -l /etc/neutron/neutron.conf*
-rw-r----- 1 root neutron 53923 Apr 12 18:53 /etc/neutron/neutron.conf
-rw-r----- 1 root neutron 53923 Apr 12 18:53 /etc/neutron/neutron.conf.20180425091013
root@controller:~# vim /etc/neutron/neutron.conf
root@controller:~# diff -u /etc/neutron/neutron.conf{.*,}

Overall configuration.

/etc/neutron/neutron.conf
 


































tech/cloud/openstack/mitaka/install-openstack-mitaka-all-in-one-1/install-openstack-mitaka-all-in-one-1.txt · Last modified: 2018/04/25 09:11 by wnoguchi