tech:cloud:openstack:ocata:install:gs:ubuntu:ubuntu
Table of Contents
OpenStack Ocata: Getting Started: Ubuntu Server 16.04 LTS
Assume All in One, Manual Installation.
About
This guide covers step-by-step deployment of the major OpenStack services using a functional example architecture suitable for new users of OpenStack with sufficient Linux experience. This guide is not intended to be used for production system installations, but to create a minimum proof-of-concept for the purpose of learning about OpenStack.
DevStack を使うほど怠惰ではないが、いきなり商用環境を考えた環境を作るのは大変。 なので間を取って OpenStack の PoC(proof-of-concept) 環境を構築する。
- DevStack は開発者用。完全に自動でインストールされて何も勉強にならない。なんで動いているのかわからない。
- 上記で上げているインストレーションガイドは OpenStack の使い方に慣れるためのインストール方法の紹介(PoC)かなりの手順を順を追って進めていく修羅の道
- それを終えたら OpenStack の高可用性要件やセキュリティ等の要件を考えたプロダクション環境を構築するためのアーキテクチャを考えて構築する
- 2 ノード構成。
- コントローラノード
- コンピュートノード
- Ubuntu Server 16.04 LTS
- VMware Workstation 12.5(Nested-VM 機能があるためこれを採用する)
いきなりハードウェア上に環境を構築するのはお金も時間もかかるし、間違ったときの切り戻しが難しいし、やっぱり時間がすごくかかる。なので VMware Workstation を使う。 Oracle VM VirtualBox は Nested-VM をサポートしていないのでだめだと思う。
Architecture
OpenStack Docs: Overview より参照してくる。
このアーキテクチャがプロダクション環境と異なる点は次の通り。
- 専用のネットワークノードではなく、コントローラノードと共存している
- トンネルされたデータトラフィックが管理用ネットワーク上を流れている(ネットワークに負荷がかかった場合管理アクセスが困難となる)
Install Ubuntu
we assume Ubuntu Server already installed.
first of all, create host only network. VMnet1-5 in use already another use.
let's create new one.
select vacant VMnetN. In this case, VMnet6.
configure following, review, apply, and close.
add internal network network adapter,
Explicitly select VMnet6, not Host-only one.
Review configuration result.
Start VM.
まずはここから!Linuxサーバでカジュアルに作業ログを取得する方法 - Qiita
log_archive_directory=$HOME/logs/term mkdir -p $log_archive_directory log_archive_directory=$HOME/logs/term;script ${log_archive_directory}/$(date +%Y%m%d_%H%M%S)_$(whoami).log
wnoguchi@ubuntu:~$ log_archive_directory=$HOME/logs/term
wnoguchi@ubuntu:~$ mkdir -p $log_archive_directory
wnoguchi@ubuntu:~$ log_archive_directory=$HOME/logs/term;script ${log_archive_directory}/$(date +%Y%m%d_%H%M%S)_$(whoami).log
Script started, file is /home/wnoguchi/logs/term/20180321_113839_wnoguchi.log
wnoguchi@ubuntu:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a75/64 scope link
valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
- /etc/network/interfaces.d/ens38
auto ens38
wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces.d/ens38
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload
wnoguchi@ubuntu:~$ sudo systemctl restart network
Failed to restart network.service: Unit network.service not found.
wnoguchi@ubuntu:~$ sudo systemctl restart networking
Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ sudo systemctl status networking.service
● networking.service - Raise network interfaces
Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
Drop-In: /run/systemd/generator/networking.service.d
└─50-insserv.conf-$network.conf
Active: failed (Result: exit-code) since Wed 2018-03-21 19:23:57 JST; 23s ago
Docs: man:interfaces(5)
Process: 1555 ExecStop=/sbin/ifdown -a --read-environment --exclude=lo (code=exited, status=0/SUCCESS)
Process: 1619 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=1/FAILURE)
Process: 1611 ExecStartPre=/bin/sh -c [ "$CONFIGURE_INTERFACES" != "no" ] && [ -n "$(ifquery --read-environment --list --exclude=lo)" ] && udevadm settle (code=exited, status=0/SUCCESS)
Main PID: 1619 (code=exited, status=1/FAILURE)
Mar 21 19:23:56 ubuntu ifup[1619]: DHCPREQUEST of 192.168.200.132 on ens33 to 255.255.255.255 port 67 (xid=0x2eeac4e5)
Mar 21 19:23:56 ubuntu ifup[1619]: DHCPOFFER of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu ifup[1619]: DHCPACK of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu dhclient[1634]: DHCPOFFER of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:56 ubuntu dhclient[1634]: DHCPACK of 192.168.200.132 from 192.168.200.254
Mar 21 19:23:57 ubuntu ifup[1619]: bound to 192.168.200.132 -- renewal in 841 seconds.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Main process exited, code=exited, status=1/FAILURE
Mar 21 19:23:57 ubuntu systemd[1]: Failed to start Raise network interfaces.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Unit entered failed state.
Mar 21 19:23:57 ubuntu systemd[1]: networking.service: Failed with result 'exit-code'.
NAT LAN
- ens33 192.168.200.132/24
172.16.1.121/24 - ens38 192.168.1.121/24
wnoguchi@ubuntu:~$ ip ro default via 192.168.200.2 dev ens33 192.168.200.0/24 dev ens33 proto kernel scope link src 192.168.200.132 wnoguchi@ubuntu:~$ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 192.168.200.2 search localdomain
may wrong ens38 internal interface configuration.
- /etc/network/interfaces
auto ens33 iface ens33 inet dhcp ↓ auto ens33 iface ens33 inet static address 192.168.200.132 netmask 255.255.255.0 gateway 192.168.200.1 dns-nameservers 192.168.200.2
- /etc/network/interfaces.d/ens38
auto ens38 ↓ auto ens38 iface ens38 inet static address 192.168.1.121 netmask 255.255.255.0
wnoguchi@ubuntu:~$ sudo systemctl daemon-reload wnoguchi@ubuntu:~$ sudo systemctl restart networking.service Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details.
wnoguchi@ubuntu:~$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a75/64 scope link
valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a7f/64 scope link
valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces wnoguchi@ubuntu:~$ sudo systemctl restart networking.service Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details. wnoguchi@ubuntu:~$ sudo systemctl daemon-reload wnoguchi@ubuntu:~$ sudo systemctl restart networking.service Job for networking.service failed because the control process exited with error code. See "systemctl status networking.service" and "journalctl -xe" for details. wnoguchi@ubuntu:~$ sudo vim /etc/network/interfaces wnoguchi@ubuntu:~$ sudo rm -f /etc/network/interfaces.d/ens33
finally.
- /etc/network/interfaces
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto ens33 iface ens33 inet dhcp auto ens38 iface ens38 inet static address 192.168.1.121 netmask 255.255.255.0
wnoguchi@ubuntu:~$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a75/64 scope link
valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a7f/64 scope link
valid_lft forever preferred_lft forever
wnoguchi@ubuntu:~$ sudo systemctl status networking.service
[sudo] password for wnoguchi:
● networking.service - Raise network interfaces
Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
Drop-In: /run/systemd/generator/networking.service.d
└─50-insserv.conf-$network.conf
Active: active (exited) since Wed 2018-03-21 19:46:46 JST; 35s ago
Docs: man:interfaces(5)
Process: 1221 ExecStart=/sbin/ifup -a --read-environment (code=exited, status=0/SUCCESS)
Process: 1027 ExecStartPre=/bin/sh -c [ "$CONFIGURE_INTERFACES" != "no" ] && [ -n "$(ifquery --read-environment --list --exclude=lo)" ] && udevadm settle (code=exited, status=0/SUCCESS)
Main PID: 1221 (code=exited, status=0/SUCCESS)
Tasks: 0
Memory: 0B
CPU: 0
CGroup: /system.slice/networking.service
Mar 21 19:46:42 ubuntu systemd[1]: Starting Raise network interfaces...
Mar 21 19:46:46 ubuntu systemd[1]: Started Raise network interfaces.
wnoguchi@ubuntu:~$ sudo systemctl restart networking
Review VM Configuration
Much more memory.
Much more processors, and VERY IMPORTANT: Make sure checked “Virtualize Intel VT-x/EPT or AMD-V/RVI” to use Nested-VM feature to KVM.
Preparation
Change default editor to vim.
sudo update-alternatives --config editor sudo select-editor
Allow no password sudo.
cat <<EOF | sudo tee /etc/sudoers.d/wnoguchi wnoguchi ALL=(ALL) NOPASSWD:ALL EOF
Configure Host Name
root@ubuntu:~# hostnamectl set-hostname controller root@ubuntu:~# hostname controller
- /etc/hosts
127.0.1.1 controller 127.0.1.1 controller.openstack.pg1x.internal controller
NTP
root@ubuntu:~# apt-get -y install chrony
- /etc/chrony/chrony.conf
#pool 2.debian.pool.ntp.org offline iburst ↓ server ntp.nict.jp iburst server ntp.jst.mfeed.ad.jp iburst
root@ubuntu:~# systemctl restart chrony
root@ubuntu:~# systemctl status chrony
● chrony.service - LSB: Controls chronyd NTP time daemon
Loaded: loaded (/etc/init.d/chrony; bad; vendor preset: enabled)
Active: active (running) since Sun 2018-03-25 14:56:58 JST; 4s ago
Docs: man:systemd-sysv-generator(8)
Process: 2537 ExecStop=/etc/init.d/chrony stop (code=exited, status=0/SUCCESS)
Process: 2546 ExecStart=/etc/init.d/chrony start (code=exited, status=0/SUCCESS)
Tasks: 1
Memory: 544.0K
CPU: 31ms
CGroup: /system.slice/chrony.service
└─2553 /usr/sbin/chronyd
Mar 25 14:56:56 controller systemd[1]: Starting LSB: Controls chronyd NTP time daemon...
Mar 25 14:56:56 controller chronyd[2553]: chronyd version 2.1.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP -DEBUG +ASYNCDNS +IPV6 +SE
Mar 25 14:56:56 controller chronyd[2553]: Frequency -2541.814 +/- 35.348 ppm read from /var/lib/chrony/chrony.drift
Mar 25 14:56:58 controller chrony[2546]: chronyd is running and online.
Mar 25 14:56:58 controller systemd[1]: Started LSB: Controls chronyd NTP time daemon.
Mar 25 14:57:01 controller chronyd[2553]: Selected source 133.243.238.243
root@ubuntu:~# chronyc sources
210 Number of sources = 2
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp-a2.nict.go.jp 1 6 17 32 -407us[ -528us] +/- 6079us
^- ntp3.jst.mfeed.ad.jp 2 6 17 32 +1083us[+1083us] +/- 120ms
root@ubuntu:~# chronyc sources | fgrep "*"
^* ntp-a2.nict.go.jp 1 6 17 61 -407us[ -528us] +/- 6079us
root@ubuntu:~# date
Sun Mar 25 14:58:23 JST 2018
Repository and Package Update
wnoguchi@ubuntu:~$ sudo apt-get install -y software-properties-common && sudo apt-get -y update && sudo apt-get dist-upgrade -y && sudo systemctl reboot Reading package lists... Done Building dependency tree Reading state information... Done software-properties-common is already the newest version (0.96.20.7). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Hit:1 http://jp.archive.ubuntu.com/ubuntu xenial InRelease Get:2 http://jp.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB] Get:3 http://jp.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB] Get:4 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB] Fetched 306 kB in 3s (88.4 kB/s) Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Prepare KVM Environment
OpenStack Computing Environment supported are:
- Physical Server(Bare-Metal)
- Virtualization Environment
- Container Environment
In this case, assume a KVM Virtualization Environment.
Install KVM related softwares.
wnoguchi@controller:~$ sudo apt-get install -y qemu-kvm libvirt-bin virtinst bridge-utils
wnoguchi@controller:~$ sudo systemctl status libvirt-bin
● libvirt-bin.service - Virtualization daemon
Loaded: loaded (/lib/systemd/system/libvirt-bin.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2018-03-25 17:46:33 JST; 41min ago
Docs: man:libvirtd(8)
http://libvirt.org
Main PID: 6333 (libvirtd)
Tasks: 18
Memory: 22.4M
CPU: 10.641s
CGroup: /system.slice/libvirt-bin.service
├─6333 /usr/sbin/libvirtd
├─6703 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir
└─6704 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvir
Mar 25 17:46:33 controller systemd[1]: Started Virtualization daemon.
Mar 25 17:46:44 controller dnsmasq[6703]: started, version 2.75 cachesize 150
Mar 25 17:46:44 controller dnsmasq[6703]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: DHCP, IP range 192.168.122.2 -- 192.168.122.254, lease time 1h
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: DHCP, sockets bound exclusively to interface virbr0
Mar 25 17:46:44 controller dnsmasq[6703]: reading /etc/resolv.conf
Mar 25 17:46:44 controller dnsmasq[6703]: using nameserver 192.168.200.2#53
Mar 25 17:46:44 controller dnsmasq[6703]: read /etc/hosts - 6 addresses
Mar 25 17:46:44 controller dnsmasq[6703]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Mar 25 17:46:44 controller dnsmasq-dhcp[6703]: read /var/lib/libvirt/dnsmasq/default.hostsfile
wnoguchi@controller:~$ ip a s 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.132/24 brd 192.168.200.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a75/64 scope link
valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:5a:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.121/24 brd 192.168.1.255 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fede:5a7f/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:9c:5c:46 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:9c:5c:46 brd ff:ff:ff:ff:ff:ff
Create database
sudo apt install -y mariadb-server python-pymysql
BOOKMARK
- /etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld] bind-address = 10.0.0.11 default-storage-engine = innodb innodb_file_per_table = on max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8
dd=if=/dev/zero of=/root/cinder.img bs=1024M count=32
tech/cloud/openstack/ocata/install/gs/ubuntu/ubuntu.txt · Last modified: 2018/03/25 20:31 by wnoguchi
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
