OpenStack Ocata: Getting Started: Ubuntu Server 16.04 LTS

About

This guide covers step-by-step deployment of the major OpenStack services using a functional example architecture suitable for new users of OpenStack with sufficient Linux experience. This guide is not intended to be used for production system installations, but to create a minimum proof-of-concept for the purpose of learning about OpenStack.

I'm not lazy enough to use DevStack, but building an environment designed for production use right away is hard. So, as a middle ground, I build an OpenStack PoC (proof-of-concept) environment.

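  1. DevStack is for developers. Everything is installed fully automatically, so you learn nothing. You don't know why it works.
  2. The installation guide mentioned above introduces an installation method (PoC) for getting used to OpenStack. It is a grueling path of working through a large number of steps in order.
  3. After finishing that, design and build an architecture for a production environment that takes OpenStack's high-availability, security and other requirements into account.

  1. Two-node configuration.
    1. Controller node
    2. Compute node
  2. Ubuntu Server 16.04 LTS
  3. VMware Workstation 12.5 (chosen because it has the Nested-VM feature)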

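Building the environment directly on hardware costs both money and time, rolling back after a mistake is hard, and it really does take a lot of time. So I use VMware Workstation. I think Oracle VM VirtualBox won't work because it doesn't support Nested-VM.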

Architecture

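Referenced from OpenStack Docs: Overview.

This architecture differs from a production environment in the following ways.

  1. Networking is co-located with the controller node instead of running on a dedicated network node
  2. Tunneled data traffic flows over the management network (when the network is under load, management access becomes difficult)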

Install Ubuntu

We assume Ubuntu Server is already installed.

First of all, create a host-only network. VMnet1-5 are already in use for other purposes.

Let's create a new one.

Select a vacant VMnetN. In this case, VMnet6.

Configure as follows, then review, apply, and close.

Add a network adapter for the internal network.

Explicitly select VMnet6, not the Host-only option.

Review configuration result.

Start VM.

Start here! How to casually capture work logs on a Linux server - Qiita

log_archive_directory=$HOME/logs/term
mkdir -p $log_archive_directory
 
log_archive_directory=$HOME/logs/term;script ${log_archive_directory}/$(date +%Y%m%d_%H%M%S)_$(whoami).log
wnoguchi@ubuntu:~$ log_archive_directory=$HOME/logs/term
wnoguchi@ubuntu:~$ mkdir -p $log_archive_directory
wnoguchi@ubuntu:~$ log_archive_directory=$HOME/logs/term;script ${log_archive_directory}/$(date +%Y%m%d_%H%M%S)_$(whoami).log
Script started, file is /home/wnoguchi/logs/term/20180321_113839_wnoguchi.log
wnoguchi@ubuntu:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a75/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
/etc/network/interfaces.d/ens38
auto ens38
wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces.d/ens38
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart network
Failed to restart network.service: Unit network.service not found.
wnoguchi@ubuntu:~$ sudo systemctl restart networking
Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ sudo systemctl status networking.service
● networking.service - Raise network interfaces
   Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
  Drop-In: /run/systemd/generator/networking.service.d
           └─50-insserv.conf-$network.conf
   Active: failed (Result: exit-code) since Wed 2018-03-21 19:23:57 JST; 23s ago
     Docs: man:interfaces(5)
  Process: 1555 ExecStop=/sbin/ifdown -a --read-environment --exclude=lo (code=exited, status=0/SUCCESS)
  Process: 1619 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=1/FAILURE)
  Process: 1611 ExecStartPre=/bin/sh -c [ "$CONFIGURE_INTERFACES" != "no" ] && [ -n "$(ifquery --read-environment --list --exclude=lo)" ] && udevadm settle (code=exited, status=0/SUCCESS)
 Main PID: 1619 (code=exited, status=1/FAILURE)

Mar 21 19:23:56 ubuntu ifup[1619]: DHCPREQUEST of 192.168.200.132 on ens33 to 255.255.255.255 port 67 (xid=0x2eeac4e5)
Mar 21 19:23:56 ubuntu ifup[1619]: DHCPOFFER of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu ifup[1619]: DHCPACK of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu dhclient[1634]: DHCPOFFER of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu dhclient[1634]: DHCPACK of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:57 ubuntu ifup[1619]: bound to 192.168.200.132 -- renewal in 841 seconds.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Main process exited, code=exited, status=1/FAILURE
Mar 21 19:23:57 ubuntu systemd[1]: Failed to start Raise network interfaces.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Unit entered failed state.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Failed with result 'exit-code'.

NAT LAN

  • ens33 192.168.200.132/24 172.16.1.121/24
  • ens38 192.168.1.121/24
wnoguchi@ubuntu:~$ ip ro
default via 192.168.200.2 dev ens33
192.168.200.0/24 dev ens33  proto kernel  scope link  src 192.168.200.132
wnoguchi@ubuntu:~$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.200.2
search localdomain

The ens38 internal interface configuration may be wrong.

/etc/network/interfaces
auto ens33
iface ens33 inet dhcp
↓
auto ens33
iface ens33 inet static
address 192.168.200.132
netmask 255.255.255.0
gateway 192.168.200.1
dns-nameservers 192.168.200.2
/etc/network/interfaces.d/ens38
auto ens38
↓
auto ens38
iface ens38 inet static
address 192.168.1.121
netmask 255.255.255.0
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service
Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a75/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a7f/64 scope link
       valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service
Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart networking.service
Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces
wnoguchi@ubuntu:~$ sudo rm -f /etc/network/interfaces.d/ens33

Finally:

/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto ens33
iface ens33 inet dhcp
 
auto ens38
iface ens38 inet static
address 192.168.1.121
netmask 255.255.255.0
wnoguchi@ubuntu:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a75/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a7f/64 scope link
       valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ sudo systemctl status networking.service
[sudo] password for wnoguchi:
● networking.service - Raise network interfaces
   Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
  Drop-In: /run/systemd/generator/networking.service.d
           └─50-insserv.conf-$network.conf
   Active: active (exited) since Wed 2018-03-21 19:46:46 JST; 35s ago
     Docs: man:interfaces(5)
  Process: 1221 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=0/SUCCESS)
  Process: 1027 ExecStartPre=/bin/sh -c [ "$CONFIGURE_INTERFACES" != "no" ] && [ -n "$(ifquery --read-environment --list --exclude=lo)" ] && udevadm settle (code=exited, status=0/SUCCESS)
 Main PID: 1221 (code=exited, status=0/SUCCESS)
    Tasks: 0
   Memory: 0B
      CPU: 0
   CGroup: /system.slice/networking.service

Mar 21 19:46:42 ubuntu systemd[1]: Starting Raise network interfaces...
Mar 21 19:46:46 ubuntu systemd[1]: Started Raise network interfaces.
wnoguchi@ubuntu:~$ sudo systemctl restart networking
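
A consistency check over the ifupdown files that can be run before restarting networking.service, added here as an example (it is not part of the original notes). It flags an `auto` line with no matching `iface` stanza, which is the state of the first /etc/network/interfaces.d/ens38 above, and the same interface and address family defined more than once. `ifaces_lint` is a hypothetical helper name and the demo files are constructed.

```sh
#!/bin/sh
# Added example, not from the original notes. ifaces_lint is a hypothetical
# helper: pass it every ifupdown file that is in effect, e.g.
#   ifaces_lint /etc/network/interfaces /etc/network/interfaces.d/*
# Prints one finding per line and returns 1 if there is any finding.
ifaces_lint() {
    awk '
        # Interfaces brought up at boot: "auto NAME..." or "allow-CLASS NAME..."
        $1 == "auto" || $1 ~ /^allow-/ {
            for (i = 2; i <= NF; i++) if (!($i in autos)) autos[$i] = FILENAME
        }
        # The same interface and address family defined twice is flagged for review.
        $1 == "iface" {
            key = $2 " " $3
            if (key in seen) {
                printf "duplicate-iface %s (%s and %s)\n", key, seen[key], FILENAME
                bad = 1
            } else {
                seen[key] = FILENAME
            }
            have[$2] = 1
        }
        END {
            for (n in autos) if (!(n in have)) {
                printf "auto-without-iface %s (%s)\n", n, autos[n]
                bad = 1
            }
            exit bad + 0
        }
    ' "$@"
}

# Demo on constructed files that mirror two states shown on this page.
demo_dir=$(mktemp -d)
printf 'auto ens38\n' > "$demo_dir/ens38.first"            # first attempt
printf 'auto ens38\niface ens38 inet static\naddress 192.168.1.121\nnetmask 255.255.255.0\n' \
    > "$demo_dir/ens38.second"                              # second attempt
ifaces_lint "$demo_dir/ens38.first"  || echo "first attempt: findings above"
ifaces_lint "$demo_dir/ens38.second" && echo "second attempt: consistent"
rm -rf "$demo_dir"
```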

Review VM Configuration

Allocate much more memory.

Allocate many more processors, and VERY IMPORTANT: make sure “Virtualize Intel VT-x/EPT or AMD-V/RVI” is checked so that KVM can use the Nested-VM feature.

Preparation

Change default editor to vim.

sudo update-alternatives --config editor
sudo select-editor

Allow passwordless sudo.

cat <<EOF | sudo tee /etc/sudoers.d/wnoguchi
wnoguchi ALL=(ALL) NOPASSWD:ALL
EOF

Configure Host Name

root@ubuntu:~# hostnamectl set-hostname controller
root@ubuntu:~# hostname
controller
/etc/hosts
127.0.1.1       controller
127.0.1.1       controller.openstack.pg1x.internal controller

NTP

root@ubuntu:~# apt-get -y install chrony
/etc/chrony/chrony.conf
#pool 2.debian.pool.ntp.org offline iburst
↓
server ntp.nict.jp iburst
server ntp.jst.mfeed.ad.jp iburst
root@ubuntu:~# systemctl restart chrony
root@ubuntu:~# systemctl status chrony
● chrony.service - LSB: Controls chronyd NTP time daemon
   Loaded: loaded (/etc/init.d/chrony; bad; vendor preset: enabled)
   Active: active (running) since Sun 2018-03-25 14:56:58 JST; 4s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 2537 ExecStop=/etc/init.d/chrony stop (code=exited, status=0/SUCCESS)
  Process: 2546 ExecStart=/etc/init.d/chrony start (code=exited, status=0/SUCCESS)
    Tasks: 1
   Memory: 544.0K
      CPU: 31ms
   CGroup: /system.slice/chrony.service
           └─2553 /usr/sbin/chronyd

Mar 25 14:56:56 controller systemd[1]: Starting LSB: Controls chronyd NTP time daemon...
Mar 25 14:56:56 controller chronyd[2553]: chronyd version 2.1.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP -DEBUG +ASYNCDNS +IPV6 +SE
Mar 25 14:56:56 controller chronyd[2553]: Frequency -2541.814 +/- 35.348 ppm read from /var/lib/chrony/chrony.drift
Mar 25 14:56:58 controller chrony[2546]: chronyd is running and online.
Mar 25 14:56:58 controller systemd[1]: Started LSB: Controls chronyd NTP time daemon.
Mar 25 14:57:01 controller chronyd[2553]: Selected source 133.243.238.243
root@ubuntu:~# chronyc sources
210 Number of sources = 2
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp-a2.nict.go.jp             1   6    17    32   -407us[ -528us] +/- 6079us
^- ntp3.jst.mfeed.ad.jp          2   6    17    32  +1083us[+1083us] +/-  120ms
root@ubuntu:~# chronyc sources | fgrep "*"
^* ntp-a2.nict.go.jp             1   6    17    61   -407us[ -528us] +/- 6079us
root@ubuntu:~# date
Sun Mar 25 14:58:23 JST 2018

Repository and Package Update

wnoguchi@ubuntu:~$ sudo apt-get install -y software-properties-common && sudo apt-get -y update && sudo apt-get dist-upgrade -y && sudo systemctl reboot
Reading package lists... Done
Building dependency tree
Reading state information... Done
software-properties-common is already the newest version (0.96.20.7).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Hit:1 http://jp.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://jp.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:3 http://jp.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Fetched 306 kB in 3s (88.4 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Prepare KVM Environment

OpenStack supports the following compute environments:

  1. Physical Server(Bare-Metal)
  2. Virtualization Environment
  3. Container Environment

In this case, we assume a KVM virtualization environment.

Install the KVM-related software.

wnoguchi@controller:~$ sudo apt-get install -y qemu-kvm libvirt-bin virtinst bridge-utils
wnoguchi@controller:~$ sudo systemctl status libvirt-bin
● libvirt-bin.service - Virtualization daemon
   Loaded: loaded (/lib/systemd/system/libvirt-bin.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2018-03-25 17:46:33 JST; 41min ago
     Docs: man:libvirtd(8)
           http://libvirt.org
 Main PID: 6333 (libvirtd)
    Tasks: 18
   Memory: 22.4M
      CPU: 10.641s
   CGroup: /system.slice/libvirt-bin.service
           ├─6333 /usr/sbin/libvirtd
           ├─6703 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir
           └─6704 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir

Mar 25 17:46:33 controller systemd[1]: Started Virtualization daemon.
Mar 25 17:46:44 controller dnsmasq[6703]: started, version 2.75 cachesize 150
Mar 25 17:46:44 controller dnsmasq[6703]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: DHCP, IP range 192.168.122.2 -- 192.168.122.254, lease time 1h
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: DHCP, sockets bound exclusively to interface virbr0
Mar 25 17:46:44 controller dnsmasq[6703]: reading /etc/resolv.conf
Mar 25 17:46:44 controller dnsmasq[6703]: using nameserver 192.168.200.2#53
Mar 25 17:46:44 controller dnsmasq[6703]: read /etc/hosts - 6 addresses
Mar 25 17:46:44 controller dnsmasq[6703]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: read /var/lib/libvirt/dnsmasq/default.hostsfile

wnoguchi@controller:~$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a75/64 scope link
       valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fede:5a7f/64 scope link
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:9c:5c:46 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:9c:5c:46 brd ff:ff:ff:ff:ff:ff

Create database

OpenStack Docs: SQL database

sudo apt install -y mariadb-server python-pymysql

BOOKMARK

/etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld]
bind-address = 10.0.0.11
 
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
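
A pre-flight check for the option file above, as an added example that is not part of the original notes: by default mysqld fails to start when bind-address is not assigned to a local interface, and the `ip a s` output earlier on this page shows 192.168.200.132, 192.168.1.121 and 192.168.122.1 on this host, not 10.0.0.11. The function names and return codes are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original notes. Function names and return
# codes are hypothetical.

# Print the last bind-address set in the [mysqld] section of option file $1.
cnf_bind_address() {
    awk '
        /^[ \t]*\[/ { in_mysqld = ($0 ~ /^[ \t]*\[mysqld\]/); next }
        in_mysqld && /^[ \t]*bind[-_]address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); addr = $0
        }
        END { if (addr != "") print addr }
    ' "$1"
}

# Read `ip -o -4 addr show` output on stdin, print one IPv4 address per line.
local_ipv4() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "inet") { split($(i + 1), a, "/"); print a[1] } }'
}

# check_bind CNF [FILE_WITH_IP_OUTPUT]
# 0: address is assigned to this host      1: address is not local
# 2: wildcard, listens on all interfaces   3: no bind-address in [mysqld]
check_bind() {
    addr=$(cnf_bind_address "$1")
    [ -n "$addr" ] || { echo "no bind-address in [mysqld]"; return 3; }
    case "$addr" in
        0.0.0.0|::|'*') echo "bind-address $addr listens on every interface"; return 2 ;;
    esac
    if [ -n "${2:-}" ]; then
        addrs=$(local_ipv4 < "$2")
    else
        addrs=$(ip -o -4 addr show | local_ipv4)
    fi
    if printf '%s\n' "$addrs" | grep -qxF -- "$addr"; then
        echo "bind-address $addr is assigned to this host"; return 0
    fi
    echo "bind-address $addr is not assigned to any local interface"; return 1
}

# Demo: the bind-address from this page against the addresses in the
# `ip a s` output above (rewritten in `ip -o` form, constructed).
demo=$(mktemp -d)
printf '[mysqld]\nbind-address = 10.0.0.11\nmax_connections = 4096\n' > "$demo/99-openstack.cnf"
printf '%s\n' '1: lo    inet 127.0.0.1/8 scope host lo' \
    '2: ens33    inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33' \
    '3: ens38    inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38' > "$demo/ip.txt"
check_bind "$demo/99-openstack.cnf" "$demo/ip.txt" || true
rm -rf "$demo"
```

On the live host, call `check_bind /etc/mysql/mariadb.conf.d/99-openstack.cnf` without a second argument so the addresses come from `ip -o -4 addr show`.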
dd if=/dev/zero of=/root/cinder.img bs=1024M count=32
tech/cloud/openstack/ocata/install/gs/ubuntu/ubuntu.txt · Last modified: 2018/03/25 20:31 by wnoguchi