OpenStack Pike with DevStack

Transcript

1. 1 / 40
   OpenStack
   Introduction [via DevStack]
   Eueung Mulyana
   https://telematika.org/remark/devstack
   Intro+Labs | Attribution-ShareAlike CC BY-SA
   

   View Slide

2. Outline
   DevStack Installation
   Dashboard - Horizon
   CLI - OpenStackClient
   2 / 40
   

   View Slide

3. OpenStack Pike
   VirtualBox 5.2.6 | Ubuntu 16.04.3
   3 / 40
   

   View Slide

4. DevStack Intallation
   4 / 40
   

   View Slide

5. 5 / 40
   Getting Started
   1. Prepare a VM
   2. Add Stack User
   3. Download DevStack
   4. Create a local.conf
   5. Start Installation (stack.sh)
   Ref:[OpenStack Docs: DevStack]
   

   View Slide

6. #1 Prepare VM | 2 CPU - 8 GB
   6 / 40
   

   View Slide

7. 7 / 40
   #2 & #3
   Stack User
   DevStack
   # 1: stack user with sudo privileges
   $ sudo useradd -s /bin/bash -d /opt/stack -m stack
   $ echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack
   $ sudo su - stack
   # 2: clone/download DevStack
   $ git clone https://git.openstack.org/openstack-dev/devstack
   $ cd devstack
   

   View Slide

8. ~/devstack$ git tag
   diablo-eol
   essex-eol
   folsom-eol
   grizzly-eol
   havana-eol
   icehouse-eol
   juno-eol
   kilo-2
   liberty-eol
   mitaka-eol
   ~/devstack$ git branch -a
   + master
   remotes/origin/HEAD -> origin/master
   remotes/origin/master
   remotes/origin/stable/newton
   remotes/origin/stable/ocata
   remotes/origin/stable/pike
   remotes/origin/stable/queens
   ~/devstack$ git checkout stable/pike
   Branch stable/pike set up to track remote branch stable/pike from origin.
   Switched to a new branch 'stable/pike'
   ~/devstack$ git branch
   master
   + stable/pike
   # before ./stack.sh
   ~/devstack$ tree -L 1 -d
   .
   |----- data
   |----- doc
   |----- exercises
   |----- extras.d
   |----- files
   |----- gate
   |----- inc
   |----- lib
   |----- pkg
   |----- playbooks
   |----- roles 8 / 40
   DevStack
   

   View Slide

9. # 3: local.conf
   $ cp samples/local.conf .
   $ cat local.conf
   [[local|localrc]]
   # Minimal Contents
   # ----------------
   #ADMIN_PASSWORD=nomoresecret
   ADMIN_PASSWORD=12345
   DATABASE_PASSWORD=stackdb
   RABBIT_PASSWORD=stackqueue
   SERVICE_PASSWORD=$ADMIN_PASSWORD
   HOST_IP=192.168.56.70
   #HOST_IPV6=2001:db8::7
   # Logging
   # -------
   LOGFILE=$DEST/logs/stack.sh.log
   LOGDAYS=2
   # Swift
   # -----
   SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5
   SWIFT_REPLICAS=1
   SWIFT_DATA_DIR=$DEST/data
   # Others
   # -----
   # after installation
   OFFLINE=True
   9 / 40
   #4
   local.conf
   

   View Slide

10. # 4: start intallation
    # sudo su - stack
    ~/devstack$ ./stack.sh
    ...
    =========================
    DevStack Component Timing
    =========================
    Total runtime 3406
    run_process 31
    test_with_retry 3
    apt-get-update 124
    pip_install 689
    osc 170
    wait_for_service 24
    git_timed 979
    dbsync 35
    apt-get 658
    =========================
    This is your host IP address: 192.168.56.70
    This is your host IPv6 address: ::1
    Horizon is now available at http://192.168.56.70/dashboard
    Keystone is serving at http://192.168.56.70/identity/
    The default users are: admin and demo
    The password: 12345
    WARNING:
    Using lib/neutron-legacy is deprecated, and it will be removed in the future
    Services are running under systemd unit files.
    For more information see:
    https://docs.openstack.org/devstack/latest/systemd.html
    DevStack Version: pike
    Change: 68fbb912bd7bc799e8b84d88c4206f7c4b001ad1 Zuul: Remove project name 2018-02-08 16:27:25
    OS Version: Ubuntu 16.04 xenial
    10 / 40
    #5
    stack.sh
    

    View Slide

11. 11 / 40
    Folders
    ~$ tree -L 1
    .
    |----- bin
    |----- cinder
    |----- data
    |----- devstack
    |----- devstack.subunit
    |----- glance
    |----- horizon
    |----- keystone
    |----- logs
    |----- neutron
    |----- nova
    |----- noVNC
    |----- requirements
    |----- tempest
    

    View Slide

12. Basic Operations
    Dashboard - Horizon
    12 / 40
    

    View Slide

13. 13 / 40
    Getting Started
    1. Create Network & Router
    2. Create Instance (+ Key Pair)
    3. Assign Floating IP
    4. Access & Security Rules
    

    View Slide

14. #1 | Demo Project | Cred: demo/...
    14 / 40
    

    View Slide

15. #1 | Demo Project | Network: 'private' | Router: 'router1'
    15 / 40
    

    View Slide

16. #1 | Demo Project | Network Graph
    16 / 40
    

    View Slide

17. #2 | Launch Instance | Create
    17 / 40
    

    View Slide

18. #2 | Launch Instance | Key Pair
    18 / 40
    

    View Slide

19. #2 | Launch Instance | Running
    19 / 40
    

    View Slide

20. #2 | Launch Instance | Network Topology
    20 / 40
    

    View Slide

21. #2 | Launch Instance | Network Graph
    21 / 40
    

    View Slide

22. #3 | Floating IP | Assign
    22 / 40
    

    View Slide

23. #3 | Floating IP
    23 / 40
    

    View Slide

24. #4 | Access & Security Rules | Enable Pings
    24 / 40
    

    View Slide

25. #4 | Access & Security Rules | Enable Pings
    25 / 40
    

    View Slide

26. 26 / 40
    Test
    Reachability
    Floating IP
    ~/devstack$ hostname -I
    10.0.2.15 192.168.56.70 192.168.122.1 172.24.4.1 2001:db8::2
    # unmodified default rule
    ~/devstack$ ping 172.24.4.9
    PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data.
    ^C
    --- 172.24.4.9 ping statistics ---
    5 packets transmitted, 0 received, 100% packet loss, time 4016ms
    # after ICMP rule insertion
    ~/devstack$ ping 172.24.4.9
    PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data.
    64 bytes from 172.24.4.9: icmp_seq=1 ttl=63 time=6.73 ms
    64 bytes from 172.24.4.9: icmp_seq=2 ttl=63 time=1.52 ms
    ^C
    --- 172.24.4.9 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1005ms
    rtt min/avg/max/mdev = 1.521/4.126/6.731/2.605 ms
    

    View Slide

27. Test | VM Instance | 10.0.0.12
    27 / 40
    

    View Slide

28. Test | VM Instance | 10.0.0.12
    28 / 40
    

    View Slide

29. 29 / 40
    Route
    VB Guest
    DevStack VM
    # before stack.sh
    stack@x64server:~/devstack$ hostname -I
    10.0.2.15 192.168.56.70 192.168.122.1
    stack@x64server:~$ /sbin/route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3
    10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3
    192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s8
    192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
    # after stack.sh
    stack@x64server:~/devstack$ hostname -I
    10.0.2.15 192.168.56.70 192.168.122.1 172.24.4.1 2001:db8::2
    stack@x64server:~/devstack$ /sbin/route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 10.0.2.2 0.0.0.0 UG 0 0 0 enp0s3
    10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s3
    172.24.4.0 0.0.0.0 255.255.255.0 U 0 0 0 br-ex
    192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s8
    192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
    

    View Slide

30. ~$ route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp1s0
    169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0
    172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
    192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0
    192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
    ~$ sudo route add -net 172.24.4.0 netmask 255.255.255.0 gw 192.168.56.70
    # $ sudo route del -net 172.24.4.0 gw 192.168.56.70 netmask 255.255.255.0
    ~$ route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp1s0
    169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0
    172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
    172.24.4.0 192.168.56.70 255.255.255.0 UG 0 0 0 vboxnet0
    192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0
    192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 vboxnet0
    # before stack.sh
    ~$ ping 172.24.4.1
    PING 172.24.4.1 (172.24.4.1) 56(84) bytes of data.
    ^C
    --- 172.24.4.1 ping statistics ---
    2 packets transmitted, 0 received, 100% packet loss, time 1005ms
    # after stack.sh
    ~$ ping 172.24.4.1
    PING 172.24.4.1 (172.24.4.1) 56(84) bytes of data.
    64 bytes from 172.24.4.1: icmp_seq=1 ttl=64 time=0.644 ms
    64 bytes from 172.24.4.1: icmp_seq=2 ttl=64 time=0.636 ms
    ^C
    --- 172.24.4.1 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1002ms
    rtt min/avg/max/mdev = 0.636/0.640/0.644/0.004 ms
    # before ICMP rule
    ~$ ping 172.24.4.9
    PING 172.24.4.9 (172.24.4.9) 56(84) bytes of data.
    ^C 30 / 40
    Route
    VB Host
    

    View Slide

31. Test | VM Instance | 10.0.0.12
    31 / 40
    

    View Slide

32. Basic Operations
    CLI - OSC
    32 / 40
    

    View Slide

33. 33 / 40
    CLI Test
    demo user
    demo project
    ~/devstack$ . openrc demo demo
    WARNING: setting legacy OS_TENANT_NAME to support cli tools.
    ~/devstack$ openstack server list
    +--------------------------------------+------+--------+----------------------------------------
    | ID | Name | Status | Networks
    +--------------------------------------+------+--------+----------------------------------------
    | fe670153-8a9f-4f34-b4f3-6fc98e0a6937 | node | ACTIVE | private=10.0.0.12, fd3d:7fab:583d:0:f81
    +--------------------------------------+------+--------+----------------------------------------
    ~/devstack$ openstack image list
    +--------------------------------------+--------------------------+--------+
    | ID | Name | Status |
    +--------------------------------------+--------------------------+--------+
    | 2e5ea796-c099-4a55-a6d9-60f37a093039 | cirros-0.3.5-x86_64-disk | active |
    +--------------------------------------+--------------------------+--------+
    ~/devstack$ openstack user list
    You are not authorized to perform the requested action: identity:list_users. (HTTP 403) (Request
    ~/devstack$ openstack --help
    ~/devstack$ openstack command list
    

    View Slide

34. # Keystone is serving at http://192.168.56.70/identity/
    {
    "versions": {
    "values": [
    {
    "status": "stable",
    "updated": "2017-02-22T00:00:00Z",
    "media-types": [
    {
    "base": "application/json",
    "type": "application/vnd.openstack.identity-v3+json"
    }
    ],
    "id": "v3.8",
    "links": [
    {
    "href": "http://192.168.56.70/identity/v3/",
    "rel": "self"
    }
    ]
    },
    {
    "status": "deprecated",
    "updated": "2016-08-04T00:00:00Z",
    "media-types": [
    {
    "base": "application/json",
    "type": "application/vnd.openstack.identity-v2.0+json"
    }
    ],
    "id": "v2.0",
    "links": [
    {
    "href": "http://192.168.56.70/identity/v2.0/",
    "rel": "self"
    },
    {
    "href": "https://docs.openstack.org/",
    "type": "text/html",
    "rel": "describedby"
    }
    ] 34 / 40
    Keystone
    identity
    

    View Slide

35. ~/devstack$ openstack --os-username=admin --os-password=12345 --os-auth-url=http://192.168.56.
    +----------------------------------+-----------+
    | ID | Name |
    +----------------------------------+-----------+
    | 072d377ecb23418eb6ce5466eed15934 | glance |
    | 54c88e67b1204721b39d1b1e7a0c3fae | demo |
    | 673e2bab55ab40f481ef5cbdd6c7a590 | placement |
    | 7b425ff57f4641c4a24a728498e4bb6b | admin |
    | 7cd343a1790f4673a1e069c516b792e3 | nova |
    | 7ddf2056049e4254aad083e10c27f538 | neutron |
    | 8f6e5671f00543f69bb172eaae6e6127 | alt_demo |
    | bcae28b0d6f84017bc5950a11883070b | cinder |
    +----------------------------------+-----------+
    ~/devstack$ openstack --os-username=admin --os-password=12345 --os-auth-url=http://192.168.56.
    +----------------------------------+--------------------+
    | ID | Name |
    +----------------------------------+--------------------+
    | 00d1fbc04a524371b76507c3c4fe8bb1 | demo |
    | 4a5f1787cad44b859a44612362abb53c | alt_demo |
    | 4b09d781ee6149b690293b177d48392a | admin |
    | 51f1294b7f164a3e927214216c68ca65 | invisible_to_admin |
    | c2437dacab1d427a8d22faf9a45e36a7 | service |
    +----------------------------------+--------------------+
    35 / 40
    CLI
    Auth via
    Keystone
    

    View Slide

36. ~/devstack/accrc$ tree
    .
    |----- admin
    | |---- admin
    |----- alt_demo
    | |---- admin
    | |---- alt_demo
    |----- demo
    | |---- admin
    | |---- demo
    |----- invisible_to_admin
    |---- demo
    4 directories, 6 files
    ~/devstack/accrc$ cat demo/demo
    # OpenStack USER ID = 54c88e67b1204721b39d1b1e7a0c3fae
    export OS_USERNAME="demo"
    # OpenStack project ID = 00d1fbc04a524371b76507c3c4fe8bb1
    export OS_PROJECT_NAME="demo"
    export OS_AUTH_URL="http://192.168.56.70/identity"
    export OS_CACERT=""
    export NOVA_CERT="/opt/stack/devstack/accrc/cacert.pem"
    export OS_PASSWORD="12345"
    export OS_USER_DOMAIN_ID=default
    unset OS_USER_DOMAIN_NAME
    export OS_PROJECT_DOMAIN_ID=default
    unset OS_PROJECT_DOMAIN_NAME
    ~/devstack/accrc$ cat demo/admin
    # OpenStack USER ID = 7b425ff57f4641c4a24a728498e4bb6b
    export OS_USERNAME="admin"
    # OpenStack project ID = 00d1fbc04a524371b76507c3c4fe8bb1
    export OS_PROJECT_NAME="demo"
    export OS_AUTH_URL="http://192.168.56.70/identity"
    export OS_CACERT=""
    export NOVA_CERT="/opt/stack/devstack/accrc/cacert.pem"
    export OS_PASSWORD="12345"
    export OS_USER_DOMAIN_ID=default
    unset OS_USER_DOMAIN_NAME
    export OS_PROJECT_DOMAIN_ID=default
    unset OS_PROJECT_DOMAIN_NAME
    t k@ 64 /d t k/ $ 36 / 40
    accrc
    Templates
    

    View Slide

37. # static IP
    sdn@onos-tutorial:~$ cat /etc/network/interfaces
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).
    source /etc/network/interfaces.d/*
    # The loopback network interface
    auto lo
    iface lo inet loopback
    # The primary network interface
    auto enp0s3
    iface enp0s3 inet dhcp
    # The secondary network interface
    auto enp0s8
    iface enp0s8 inet static
    address 192.168.56.70
    netmask 255.255.255.0
    network 192.168.56.0
    broadcast 192.168.56.255
    #gateway 192.168.56.1
    #dns-nameservers 8.8.8.8 8.8.4.4
    #iface enp0s8 inet dhcp
    37 / 40
    Notes
    

    View Slide

38. Refs/Resources
    38 / 40
    

    View Slide

39. Refs/Resources
    1. OpenStack Docs: DevStack
    2. OpenStack Docs: OpenStackClient
    3. openstack-dev/devstack
    4. OpenStack Docs: All-In-One Single Machine
    5. OpenStack Docs: DevStack Networking
    6. Using your devstack cloud
    39 / 40
    

    View Slide

40. 40 / 40
    END
    Eueung Mulyana
    https://telematika.org/remark/devstack
    Intro+Labs | Attribution-ShareAlike CC BY-SA
    

    View Slide