Table of Contents
- Introduction
- Prerequisites
- Environment Setup
- Install and Configure OpenStack Components
- Keystone (Identity Service)
- Glance (Image Service)
- Nova (Compute Service)
- Neutron (Networking Service)
- Cinder (Block Storage Service)
- Horizon (Dashboard)
- Verification and Troubleshooting
- Conclusion
1. Introduction
OpenStack is an open-source platform used to build and manage public and private clouds. This guide walks you through a manual installation of OpenStack on a Linux server.
2. Prerequisites
Ensure your system meets the following prerequisites:
- A clean installation of a supported Linux distribution (e.g., Ubuntu 20.04 LTS or CentOS 8).
- At least 8 GB of RAM and 2 CPUs.
- Root or sudo access.
- Properly configured network settings.
3. Environment Setup
Update and Upgrade Your System
$ sudo apt update && sudo apt upgrade -y
Install Essential Packages
$ sudo apt install -y python3-pip python3-dev libffi-dev gcc libssl-dev
4. Install and Configure OpenStack Components
a. Keystone (Identity Service)
- Install Keystone
$ sudo apt install -y keystone
- Configure Keystone
Edit the /etc/keystone/keystone.conf
file:
$ sudo nano /etc/keystone/keystone.conf
Set the following values:
[database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[token]
provider = fernet
- Populate the Identity Service Database
$ sudo keystone-manage db_sync
- Initialize Fernet Key Repositories
$ sudo keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
$ sudo keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
- Bootstrap the Identity Service
$ sudo keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
- Configure Apache HTTP Server
Edit the /etc/apache2/apache2.conf
file:
$ sudo nano /etc/apache2/apache2.conf
Add the following:
ServerName controller
Enable the Apache and WSGI services:
$ sudo service apache2 restart
b. Glance (Image Service)
- Install Glance
$ sudo apt install -y glance
- Configure Glance
Edit the /etc/glance/glance-api.conf
file:
$ sudo nano /etc/glance/glance-api.conf
Set the following values:
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
flavor = keystone
- Populate the Image Service Database
$ sudo glance-manage db_sync
- Restart Glance Service
$ sudo service glance-api restart
c. Nova (Compute Service)
- Install Nova
$ sudo apt install -y nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler
- Configure Nova
Edit the /etc/nova/nova.conf
file:
$ sudo nano /etc/nova/nova.conf
Set the following values:
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[DEFAULT]
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[vnc]
enabled = True
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
[glance]
api_servers = http://controller:9292
- Populate the Compute Databases
$ sudo nova-manage api_db sync
$ sudo nova-manage cell_v2 map_cell0
$ sudo nova-manage cell_v2 create_cell --name=cell1
$ sudo nova-manage db sync
- Restart Nova Services
$ sudo service nova-api restart
$ sudo service nova-scheduler restart
$ sudo service nova-conductor restart
$ sudo service nova-novncproxy restart
d. Neutron (Networking Service)
- Install Neutron
$ sudo apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
- Configure Neutron
Edit the /etc/neutron/neutron.conf
file:
$ sudo nano /etc/neutron/neutron.conf
Set the following values:
[database]
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = neutron
password = NEUTRON_PASS
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
Edit the /etc/neutron/plugins/ml2/ml2_conf.ini
file:
$ sudo nano /etc/neutron/plugins/ml2/ml2_conf.ini
Set the following values:
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = True
- Populate the Networking Database
$ sudo neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
- Restart Neutron Services
$ sudo service neutron-server restart
$ sudo service neutron-linuxbridge-agent restart
$ sudo service neutron-dhcp-agent restart
$ sudo service neutron-metadata-agent restart
e. Cinder (Block Storage Service)
- Install Cinder
$ sudo apt install -y cinder-api cinder-scheduler
- Configure Cinder
Edit the /etc/cinder/cinder.conf
file:
$ sudo nano /etc/cinder/cinder.conf
Set the following values:
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = cinder
password = CINDER_PASS
[DEFAULT]
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
- Populate the Block Storage Database
$ sudo cinder-manage db sync
- Restart Cinder Services
$ sudo service cinder-api restart
$ sudo service cinder-scheduler restart
f. Horizon (Dashboard)
- Install Horizon
$ sudo apt install -y openstack-dashboard
- Configure Horizon
Edit the /etc/openstack-dashboard/local_settings.py
file:
$ sudo nano /etc/openstack-dashboard/local_settings.py
Set the following values:
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib
.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
- Restart Apache
$ sudo service apache2 reload
5. Verification and Troubleshooting
- Check Service Status
Ensure all OpenStack services are running:
$ sudo systemctl status <service-name>
- Verify Keystone Service
Authenticate using the OpenStack command-line interface:
$ export OS_USERNAME=admin
$ export OS_PASSWORD=ADMIN_PASS
$ export OS_PROJECT_NAME=admin
$ export OS_USER_DOMAIN_NAME=Default
$ export OS_PROJECT_DOMAIN_NAME=Default
$ export OS_AUTH_URL=http://controller:5000/v3
$ export OS_IDENTITY_API_VERSION=3
Check Keystone service:
$ openstack token issue
- Verify Glance Service
Upload a sample image:
$ wget http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
$ openstack image create "cirros" --file cirros-0.5.2-x86_64-disk.img --disk-format qcow2 --container-format bare --public
List images:
$ openstack image list
- Verify Nova Service
Create a flavor:
$ openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
List flavors:
$ openstack flavor list
- Verify Neutron Service
Create a network:
$ openstack network create demo-net
$ openstack subnet create --network demo-net --subnet-range 10.0.0.0/24 demo-subnet
List networks:
$ openstack network list
- Verify Cinder Service
Create a volume:
$ openstack volume create --size 1 demo-volume
List volumes:
$ openstack volume list
- Verify Horizon Dashboard
Open a web browser and navigate to http://<controller-ip>/dashboard
. Log in with your admin credentials.
6. Conclusion
Manually installing OpenStack can be complex due to its numerous components and dependencies. However, by following this guide, you should be able to set up a functional OpenStack environment.
For further customization and scaling, refer to the official OpenStack documentation and community resources.
Troubleshooting Tips
- Logs: Always check the logs located in
/var/log/
for detailed error messages. - Networking: Ensure your network configuration is correct and there are no conflicts.
- Services: Use
systemctl
to start, stop, and check the status of services. - Databases: Verify database connections and that the tables are correctly populated.
Additional Resources
By following these steps, you should have a working OpenStack environment tailored to your needs.
2 thoughts on - Comprehensive guide to install OpenStack manually on Linux
i get an error in sudo glance-manage db_sync , this is the error :
2024-11-07 19:19:45.536 18269 WARNING oslo_db.sqlalchemy.engines [-] SQL connection failed. 10 attempts left.: oslo_db.exception.DBConnectionError: (pymysql.err.OperationalError) (2003, “Can’t connect to MySQL server on ‘controller’ ([Errno -3] Temporary failure in name resolution)”)
Hi,
Please check if MySQL is running on your server.
Best regards.