OpenStack Pike with DevStack

Transcript

1. 1 / 40 OpenStack Introduction [via DevStack] Eueung Mulyana https://telematika.org/remark/devstack

   Intro+Labs | Attribution-ShareAlike CC BY-SA

2. Outline DevStack Installation Dashboard - Horizon CLI - OpenStackClient 2

   / 40

3. OpenStack Pike VirtualBox 5.2.6 | Ubuntu 16.04.3 3 / 40

4. DevStack Intallation 4 / 40

5. 5 / 40 Getting Started 1. Prepare a VM 2.

   Add Stack User 3. Download DevStack 4. Create a local.conf 5. Start Installation (stack.sh) Ref:[OpenStack Docs: DevStack]

6. #1 Prepare VM | 2 CPU - 8 GB 6

   / 40

7. 7 / 40 #2 & #3 Stack User DevStack #

   1: stack user with sudo privileges $ sudo useradd -s /bin/bash -d /opt/stack -m stack $ echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack $ sudo su - stack # 2: clone/download DevStack $ git clone https://git.openstack.org/openstack-dev/devstack $ cd devstack

8. ~/devstack$ git tag diablo-eol essex-eol folsom-eol grizzly-eol havana-eol icehouse-eol juno-eol

   kilo-2 liberty-eol mitaka-eol ~/devstack$ git branch -a + master remotes/origin/HEAD -> origin/master remotes/origin/master remotes/origin/stable/newton remotes/origin/stable/ocata remotes/origin/stable/pike remotes/origin/stable/queens ~/devstack$ git checkout stable/pike Branch stable/pike set up to track remote branch stable/pike from origin. Switched to a new branch 'stable/pike' ~/devstack$ git branch master + stable/pike # before ./stack.sh ~/devstack$ tree -L 1 -d . |----- data |----- doc |----- exercises |----- extras.d |----- files |----- gate |----- inc |----- lib |----- pkg |----- playbooks |----- roles 8 / 40 DevStack

9. # 3: local.conf $ cp samples/local.conf . $ cat local.conf

   [[local|localrc]] # Minimal Contents # ---------------- #ADMIN_PASSWORD=nomoresecret ADMIN_PASSWORD=12345 DATABASE_PASSWORD=stackdb RABBIT_PASSWORD=stackqueue SERVICE_PASSWORD=$ADMIN_PASSWORD HOST_IP=192.168.56.70 #HOST_IPV6=2001:db8::7 # Logging # ------- LOGFILE=$DEST/logs/stack.sh.log LOGDAYS=2 # Swift # ----- SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5 SWIFT_REPLICAS=1 SWIFT_DATA_DIR=$DEST/data # Others # ----- # after installation OFFLINE=True 9 / 40 #4 local.conf

10. # 4: start intallation # sudo su - stack ~/devstack$

    ./stack.sh ... ========================= DevStack Component Timing ========================= Total runtime 3406 run_process 31 test_with_retry 3 apt-get-update 124 pip_install 689 osc 170 wait_for_service 24 git_timed 979 dbsync 35 apt-get 658 ========================= This is your host IP address: 192.168.56.70 This is your host IPv6 address: ::1 Horizon is now available at http://192.168.56.70/dashboard Keystone is serving at http://192.168.56.70/identity/ The default users are: admin and demo The password: 12345 WARNING: Using lib/neutron-legacy is deprecated, and it will be removed in the future Services are running under systemd unit files. For more information see: https://docs.openstack.org/devstack/latest/systemd.html DevStack Version: pike Change: 68fbb912bd7bc799e8b84d88c4206f7c4b001ad1 Zuul: Remove project name 2018-02-08 16:27:25 OS Version: Ubuntu 16.04 xenial 10 / 40 #5 stack.sh

11. 11 / 40 Folders ~$ tree -L 1 . |-----

    bin |----- cinder |----- data |----- devstack |----- devstack.subunit |----- glance |----- horizon |----- keystone |----- logs |----- neutron |----- nova |----- noVNC |----- requirements |----- tempest

12. Basic Operations Dashboard - Horizon 12 / 40

13. 13 / 40 Getting Started 1. Create Network & Router

    2. Create Instance (+ Key Pair) 3. Assign Floating IP 4. Access & Security Rules

14. #1 | Demo Project | Cred: demo/... 14 / 40

15. #1 | Demo Project | Network: 'private' | Router: 'router1'

    15 / 40

16. #1 | Demo Project | Network Graph 16 / 40

17. #2 | Launch Instance | Create 17 / 40

18. #2 | Launch Instance | Key Pair 18 / 40

19. #2 | Launch Instance | Running 19 / 40

20. #2 | Launch Instance | Network Topology 20 / 40

21. #2 | Launch Instance | Network Graph 21 / 40

22. #3 | Floating IP | Assign 22 / 40

23. #3 | Floating IP 23 / 40

24. #4 | Access & Security Rules | Enable Pings 24

    / 40

25. #4 | Access & Security Rules | Enable Pings 25

    / 40

26. 26 / 40 Test Reachability Floating IP ~/devstack$ hostname -I

    10.0.2.15 192.168.56.70 192.168.122.1 172.24.4.1 2001:db8::2 # unmodified default rule ~/devstack$ ping 172.24.4.9 PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data. ^C --- 172.24.4.9 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4016ms # after ICMP rule insertion ~/devstack$ ping 172.24.4.9 PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data. 64 bytes from 172.24.4.9: icmp_seq=1 ttl=63 time=6.73 ms 64 bytes from 172.24.4.9: icmp_seq=2 ttl=63 time=1.52 ms ^C --- 172.24.4.9 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1005ms rtt min/avg/max/mdev = 1.521/4.126/6.731/2.605 ms

27. Test | VM Instance | 10.0.0.12 27 / 40

28. Test | VM Instance | 10.0.0.12 28 / 40

29. 29 / 40 Route VB Guest DevStack VM # before

    stack.sh stack@x64server:~/devstack$ hostname -I 10.0.2.15 192.168.56.70 192.168.122.1 stack@x64server:~$ /sbin/route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3 192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s8 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 # after stack.sh stack@x64server:~/devstack$ hostname -I 10.0.2.15 192.168.56.70 192.168.122.1 172.24.4.1 2001:db8::2 stack@x64server:~/devstack$ /sbin/route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3 172.24.4.0 0.0.0.0 255.255.255.0 U 0 0 0 br-ex 192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s8 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0

30. ~$ route -n Kernel IP routing table Destination Gateway Genmask

    Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp1s0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0 192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0 ~$ sudo route add -net 172.24.4.0 netmask 255.255.255.0 gw 192.168.56.70 # $ sudo route del -net 172.24.4.0 gw 192.168.56.70 netmask 255.255.255.0 ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp1s0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.24.4.0 192.168.56.70 255.255.255.0 UG 0 0 0 vboxnet0 192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0 192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0 # before stack.sh ~$ ping 172.24.4.1 PING 172.24.4.1 (172.24.4.1) 56(84) bytes of data. ^C --- 172.24.4.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1005ms # after stack.sh ~$ ping 172.24.4.1 PING 172.24.4.1 (172.24.4.1) 56(84) bytes of data. 64 bytes from 172.24.4.1: icmp_seq=1 ttl=64 time=0.644 ms 64 bytes from 172.24.4.1: icmp_seq=2 ttl=64 time=0.636 ms ^C --- 172.24.4.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 0.636/0.640/0.644/0.004 ms # before ICMP rule ~$ ping 172.24.4.9 PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data. ^C 30 / 40 Route VB Host

31. Test | VM Instance | 10.0.0.12 31 / 40

32. Basic Operations CLI - OSC 32 / 40

33. 33 / 40 CLI Test demo user demo project ~/devstack$

    . openrc demo demo WARNING: setting legacy OS_TENANT_NAME to support cli tools. ~/devstack$ openstack server list +--------------------------------------+------+--------+---------------------------------------- | ID | Name | Status | Networks +--------------------------------------+------+--------+---------------------------------------- | fe670153-8a9f-4f34-b4f3-6fc98e0a6937 | node | ACTIVE | private=10.0.0.12, fd3d:7fab:583d:0:f81 +--------------------------------------+------+--------+---------------------------------------- ~/devstack$ openstack image list +--------------------------------------+--------------------------+--------+ | ID | Name | Status | +--------------------------------------+--------------------------+--------+ | 2e5ea796-c099-4a55-a6d9-60f37a093039 | cirros-0.3.5-x86_64-disk | active | +--------------------------------------+--------------------------+--------+ ~/devstack$ openstack user list You are not authorized to perform the requested action: identity:list_users. (HTTP 403) (Request ~/devstack$ openstack --help ~/devstack$ openstack command list

34. # Keystone is serving at http://192.168.56.70/identity/ { "versions": { "values":

    [ { "status": "stable", "updated": "2017-02-22T00:00:00Z", "media-types": [ { "base": "application/json", "type": "application/vnd.openstack.identity-v3+json" } ], "id": "v3.8", "links": [ { "href": "http://192.168.56.70/identity/v3/", "rel": "self" } ] }, { "status": "deprecated", "updated": "2016-08-04T00:00:00Z", "media-types": [ { "base": "application/json", "type": "application/vnd.openstack.identity-v2.0+json" } ], "id": "v2.0", "links": [ { "href": "http://192.168.56.70/identity/v2.0/", "rel": "self" }, { "href": "https://docs.openstack.org/", "type": "text/html", "rel": "describedby" } ] 34 / 40 Keystone identity

35. ~/devstack$ openstack --os-username=admin --os-password=12345 --os-auth-url=http://192.168.56. +----------------------------------+-----------+ | ID | Name

    | +----------------------------------+-----------+ | 072d377ecb23418eb6ce5466eed15934 | glance | | 54c88e67b1204721b39d1b1e7a0c3fae | demo | | 673e2bab55ab40f481ef5cbdd6c7a590 | placement | | 7b425ff57f4641c4a24a728498e4bb6b | admin | | 7cd343a1790f4673a1e069c516b792e3 | nova | | 7ddf2056049e4254aad083e10c27f538 | neutron | | 8f6e5671f00543f69bb172eaae6e6127 | alt_demo | | bcae28b0d6f84017bc5950a11883070b | cinder | +----------------------------------+-----------+ ~/devstack$ openstack --os-username=admin --os-password=12345 --os-auth-url=http://192.168.56. +----------------------------------+--------------------+ | ID | Name | +----------------------------------+--------------------+ | 00d1fbc04a524371b76507c3c4fe8bb1 | demo | | 4a5f1787cad44b859a44612362abb53c | alt_demo | | 4b09d781ee6149b690293b177d48392a | admin | | 51f1294b7f164a3e927214216c68ca65 | invisible_to_admin | | c2437dacab1d427a8d22faf9a45e36a7 | service | +----------------------------------+--------------------+ 35 / 40 CLI Auth via Keystone

36. ~/devstack/accrc$ tree . |----- admin | |---- admin |----- alt_demo

    | |---- admin | |---- alt_demo |----- demo | |---- admin | |---- demo |----- invisible_to_admin |---- demo 4 directories, 6 files ~/devstack/accrc$ cat demo/demo # OpenStack USER ID = 54c88e67b1204721b39d1b1e7a0c3fae export OS_USERNAME="demo" # OpenStack project ID = 00d1fbc04a524371b76507c3c4fe8bb1 export OS_PROJECT_NAME="demo" export OS_AUTH_URL="http://192.168.56.70/identity" export OS_CACERT="" export NOVA_CERT="/opt/stack/devstack/accrc/cacert.pem" export OS_PASSWORD="12345" export OS_USER_DOMAIN_ID=default unset OS_USER_DOMAIN_NAME export OS_PROJECT_DOMAIN_ID=default unset OS_PROJECT_DOMAIN_NAME ~/devstack/accrc$ cat demo/admin # OpenStack USER ID = 7b425ff57f4641c4a24a728498e4bb6b export OS_USERNAME="admin" # OpenStack project ID = 00d1fbc04a524371b76507c3c4fe8bb1 export OS_PROJECT_NAME="demo" export OS_AUTH_URL="http://192.168.56.70/identity" export OS_CACERT="" export NOVA_CERT="/opt/stack/devstack/accrc/cacert.pem" export OS_PASSWORD="12345" export OS_USER_DOMAIN_ID=default unset OS_USER_DOMAIN_NAME export OS_PROJECT_DOMAIN_ID=default unset OS_PROJECT_DOMAIN_NAME t k@ 64 /d t k/ $ 36 / 40 accrc Templates

37. # static IP sdn@onos-tutorial:~$ cat /etc/network/interfaces # This file describes

    the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto enp0s3 iface enp0s3 inet dhcp # The secondary network interface auto enp0s8 iface enp0s8 inet static address 192.168.56.70 netmask 255.255.255.0 network 192.168.56.0 broadcast 192.168.56.255 #gateway 192.168.56.1 #dns-nameservers 8.8.8.8 8.8.4.4 #iface enp0s8 inet dhcp 37 / 40 Notes

38. Refs/Resources 38 / 40

39. Refs/Resources 1. OpenStack Docs: DevStack 2. OpenStack Docs: OpenStackClient 3.

    openstack-dev/devstack 4. OpenStack Docs: All-In-One Single Machine 5. OpenStack Docs: DevStack Networking 6. Using your devstack cloud 39 / 40

40. 40 / 40 END Eueung Mulyana https://telematika.org/remark/devstack Intro+Labs | Attribution-ShareAlike

    CC BY-SA