Controller — Network

Create Provider

  1. [root@controller ~]# openstack network create provider --share --external --provider-network-type flat --provider-physical-network provide

Create Provider Sub-Net

  1. [root@controller ~]# openstack subnet create --network provider --allocation-pool start=9.1.1.50,end=9.1.1.90 --dns-nameserver 8.8.8.8 --gateway 9.1.1.1 --subnet-range 9.1.1.0/24 provider-sub

Create Private Network

  1. [root@controller ~]# openstack network create private --provider-network-type vxlan --share --interna

Create Private Sub-Net

  1. [root@controller ~]# openstack subnet create --network private --gateway 192.168.1.1 --subnet-range 192.168.1.0/24 private-subnet

Create Private-Office Network

  1. [root@controller ~]# openstack network create private-office --provider-network-type vxlan --share --internal

Create Private-Office Sub-Net

  1. [root@controller ~]# openstack subnet create --network private-office --gateway 192.168.2.1 --subnet-range 192.168.2.0/24 office-net

Create Private-Sale Network

  1. [root@controller ~]# openstack network create private-sale --provider-network-type vxlan --share --internal

Create Private-Sale Sub-Net

  1. [root@controller ~]# openstack subnet create --network private-sale --gateway 192.168.3.1 --subnet-range 192.168.3.0/24 sale-net

Create Private-Technology Network

  1. [root@controller ~]# openstack network create private-technology --provider-network-type vxlan --share --internal

Create Private-Technology Sub-Net

  1. [root@controller ~]# openstack subnet create --network private-technology --gateway 192.168.4.1 --subnet-range 192.168.4.0/24 technology-net

List Network

  1. [root@controller ~]# openstack network list

Create Provider Router

  1. [root@controller ~]# openstack router create route

Set External-Gateway

  1. [root@controller ~]# openstack router set --external-gateway provider router

Add Route Interface

  1. [root@controller ~]# openstack router add subnet router private-subnet

List Network Agent

  1. [root@controller ~]# openstack network agent list

Compute — Neutron

Install Neutron

  1. [root@compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y

Configure Neutron

  1. [root@compute ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
  2. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
  3. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT advertise_mtu True
  4. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2
  5. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron
  6. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_url http://controller:8774/v2
  7. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:password@controller
  8. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
  9. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
  10. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
  11. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
  12. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
  13. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
  14. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
  15. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
  16. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password password
  17. [root@compute ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Configure LinuxBridge Agent

  1. [root@compute ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
  2. [root@compute ~]# >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
  3. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
  4. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT verbose true
  5. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
  6. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.62
  7. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
  8. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
  9. [root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure Nova

  1. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
  2. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:35357
  3. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron auth_type password
  4. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
  5. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
  6. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
  7. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
  8. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
  9. [root@compute ~]# openstack-config --set /etc/nova/nova.conf neutron password password

Restart Nova & Neutron

  1. [root@compute ~]# systemctl restart openstack-nova-compute.service
  2. [root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
  3. [root@compute ~]# systemctl restart neutron-linuxbridge-agent.service
  4. [root@compute ~]# systemctl status openstack-nova-compute.service neutron-linuxbridge-agent.service

Compute — Nova

Install Compute

  1. [root@compute ~]# yum install openstack-selinux python-openstackclient yum-plugin-priorities openstack-nova-compute openstack-utils -y

Configure Nova

  1. [root@compute ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
  2. [root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
  3. [root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.62
  4. [root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True
  5. [root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
  6. [root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:password@controller
  7. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
  8. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
  9. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
  10. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
  11. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
  12. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
  13. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
  14. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
  15. [root@compute ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken password password
  16. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement auth_uri http://controller:5000
  17. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement auth_url http://controller:35357
  18. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement memcached_servers controller:11211
  19. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement auth_type password
  20. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement project_domain_name default
  21. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement user_domain_name default
  22. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement project_name service
  23. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement username placement
  24. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement password password
  25. [root@compute ~]# openstack-config --set /etc/nova/nova.conf placement os_region_name RegionOne
  26. [root@compute ~]# openstack-config --set /etc/nova/nova.conf vnc enabled True
  27. [root@compute ~]# openstack-config --set /etc/nova/nova.conf vnc keymap en-us
  28. [root@compute ~]# openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
  29. [root@compute ~]# openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address 10.1.1.62
  30. [root@compute ~]# openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://9.1.1.61:6080/vnc_auto.html
  31. [root@compute ~]# openstack-config --set /etc/nova/nova.conf glance api_servers http://controller:9292
  32. [root@compute ~]# openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
  33. [root@compute ~]# openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu
  34. [root@compute ~]# openstack-config --set /etc/nova/nova.conf libvirt cpu_mode none

Start Compute Service

  1. [root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service
  2. [root@compute ~]# systemctl restart libvirtd.service openstack-nova-compute.service
  3. [root@compute ~]# systemctl status libvirtd.service openstack-nova-compute.service

List Compute Service(Do it on Controller)

  1. [root@controller ~]# source /root/admin-openrc
  2. [root@controller ~]# openstack compute service list

Controller — Dashboard

Install Dashboard

  1. [root@controller ~]# yum install openstack-dashboard -y

Update File “local_settings”

  1. [root@controller ~]# cat /etc/openstack-dashboard/local_settings

Restart Httpd & Memcached

  1. [root@controller ~]# systemctl restart httpd.service memcached.service
  2. [root@controller ~]# systemctl status httpd.service memcached.service

Now, Take the Browser

http://9.1.1.61/dashboard/

 

Controller — Neutron

Create Neutron User

  1. [root@controller ~]# source /root/admin-openrc
  2. [root@controller ~]# openstack user create --domain default neutron --password password
  3. [root@controller ~]# openstack role add --project service --user neutron admin

Create Neutron Service

  1. [root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network

Create Endpoint

  1. [root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
  2. [root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696
  3. [root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696

Install Neutron

  1. [root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

Configure Neutron

  1. [root@controller ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
  2. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
  3. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
  4. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
  5. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
  6. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:password@controller
  7. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
  8. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
  9. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
  10. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
  11. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
  12. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
  13. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
  14. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
  15. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
  16. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
  17. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password password
  18. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:password@controller/neutron
  19. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_url http://controller:35357
  20. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_type password
  21. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
  22. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
  23. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
  24. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova project_name service
  25. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova username nova
  26. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf nova password password
  27. [root@controller ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Configure ML2

  1. [root@controller ~]# cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
  2. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
  3. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
  4. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
  5. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
  6. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 path_mtu 1500
  7. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
  8. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
  9. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True

Configure LinuxBridge Agent

  1. [root@controller ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
  2. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
  3. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:<strong>enp0s3</strong>
  4. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
  5. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.61
  6. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
  7. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
  8. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
  9. [root@controller ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure L3 Agent

  1. [root@controller ~]# cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
  2. [root@controller ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
  3. [root@controller ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
  4. [root@controller ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT debug false

Configure DHCP Agent

  1. [root@controller ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
  2. [root@controller ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
  3. [root@controller ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
  4. [root@controller ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
  5. [root@controller ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT verbose True
  6. [root@controller ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT debug false

Configure Neutron For Nova Service

  1. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
  2. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:35357
  3. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron auth_plugin password
  4. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_id default
  5. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_id default
  6. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
  7. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
  8. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
  9. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron password password
  10. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
  11. [root@controller ~]# openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret password

Configure DHCP Option

  1. [root@controller ~]# echo "dhcp-option-force=26,1450" >/etc/neutron/dnsmasq-neutron.conf

Configure Metadata Agent

  1. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
  2. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret password
  3. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_workers 4
  4. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT verbose True
  5. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT debug false
  6. [root@controller ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_protocol http

Configure Neutron For ML2

  1. [root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Synchronize Database

  1. [root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Restart Nova Service

  1. [root@controller ~]# systemctl restart openstack-nova-api.service
  2. [root@controller ~]# systemctl status openstack-nova-api.service

Start Neutron L3 Service

  1. [root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
  2. [root@controller ~]# systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
  3. [root@controller ~]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

List Neutron Agent

  1. [root@controller ~]# openstack network agent list

Controller — Nova

Create User For Nova

  1. [root@controller ~]# source /root/admin-openrc
  2. [root@controller ~]# openstack user create --domain default nova --password password
  3. [root@controller ~]# openstack role add --project service --user nova admin

Create Compute Service

  1. [root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute

Create Nova Endpoint

  1. [root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
  2. [root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
  3. [root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s

Create Placement

  1. [root@controller ~]# openstack user create --domain default placement --password password
  2. [root@controller ~]# openstack role add --project service --user placement admin
  3. [root@controller ~]# openstack service create --name placement --description "Placement API" placement

Create Placement Endpoint

  1. [root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
  2. [root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
  3. [root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778

Install Nova

  1. [root@controller ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-cert openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api -y

Configure Nova

  1. [root@controller ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
  2. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
  3. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
  4. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.61
  5. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True
  6. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
  7. [root@controller ~]# openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:password@controller
  8. [root@controller ~]# openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:password@controller/nova
  9. [root@controller ~]# openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:password@controller/nova_api
  10. [root@controller ~]# openstack-config --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval -1
  11. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
  12. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
  13. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
  14. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
  15. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
  16. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
  17. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
  18. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
  19. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken password password
  20. [root@controller ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken service_token_roles_required True
  21. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement auth_url http://controller:35357
  22. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement memcached_servers controller:11211
  23. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement auth_type password
  24. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement project_domain_name default
  25. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement user_domain_name default
  26. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement project_name service
  27. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement username placement
  28. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement password password
  29. [root@controller ~]# openstack-config --set /etc/nova/nova.conf placement os_region_name RegionOne
  30. [root@controller ~]# openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 10.1.1.61
  31. [root@controller ~]# openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address 10.1.1.61
  32. [root@controller ~]# openstack-config --set /etc/nova/nova.conf glance api_servers http://controller:9292
  33. [root@controller ~]# openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

Configure Nova-Placement

  1. [root@controller ~]# cat /etc/httpd/conf.d/00-nova-placement-api.conf

  1. <Directory /usr/bin>
  2.         <IfVersion >= 2.4>
  3.             Require all granted
  4.       </IfVersion>
  5.       <IfVersion < 2.4>
  6.             Order allow,deny
  7.             Allow from all
  8.       </IfVersion>
  9. </Directory>

Restart Httpd

  1. [root@controller ~]# systemctl restart httpd

Synchronize Database

  1. [root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
  2. [root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
  3. [root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
  4. [root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova

List Nova Cell

  1. [root@controller ~]# nova-manage cell_v2 list_cells

Start Nova Service

  1. [root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
  2. [root@controller ~]# systemctl restart openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
  3. [root@controller ~]# systemctl status openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

List Nova Status

  1. [root@controller ~]# systemctl list-unit-files |grep openstack-nova-*
  2. openstack-nova-api.service enabled
  3. openstack-nova-conductor.service enabled
  4. openstack-nova-console.service disabled
  5. openstack-nova-consoleauth.service enabled
  6. openstack-nova-metadata-api.service disabled
  7. openstack-nova-novncproxy.service enabled
  8. openstack-nova-os-compute-api.service disabled
  9. openstack-nova-scheduler.service enabled
  10. openstack-nova-xvpvncproxy.service disabled

Check Nova Status

  1. [root@controller ~]# nova-status upgrade check

List Nova Service

  1. [root@controller ~]# nova service-list

List Nova Endpoint

  1. [root@controller ~]# openstack endpoint list

Controller — Glance

Create Glance User Role

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack user create --domain default glance --password password
[root@controller ~]# openstack role add --project service --user glance admin

Create Glance Service

[root@controller ~]# openstack service create --name glance --description "OpenStack Image service" image

Create Endpoint

[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292

Install Glance

[root@controller ~]# yum install openstack-glance -y

Configure Glance-API

[root@controller ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:password@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password password
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/

Configure Glance-Registry

[root@controller ~]# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:password@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_serverscontroller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password password
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

Synchronize Database

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance

Start Glance Service

[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service

Download Cirros Img

[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img

Create Glance Image

[root@controller ~]# glance image-create --name "cirros-0.3.5-x86_64" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --visibility public --progress

Download CentOS Cloud Img

[root@controller ~]# wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1708.qcow2

Create Glance Image

[root@controller ~]# glance image-create --name "CentOS-7-x86_64" --file CentOS-7-x86_64-GenericCloud-1708.qcow2 --disk-format qcow2 --container-format bare --visibility public --progress

List Glance Image

[root@controller ~]# glance image-list

Controller — KeyStone

Install KeyStone

  1. [root@controller ~]# yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached openstack-utils -y

Start Memcached Service

  1. [root@controller ~]# systemctl enable memcached.service
  2. [root@controller ~]# systemctl restart memcached.service
  3. [root@controller ~]# systemctl status memcached.service

Configure KeyStone

  1. [root@controller ~]# cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
  2. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT transport_url rabbit://openstack:password@controller
  3. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf database connection mysql://keystone:password@controller/keystone
  4. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf cache backend oslo_cache.memcache_pool
  5. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf cache enabled true
  6. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf cache memcache_servers controller:11211
  7. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf memcache servers controller:11211
  8. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf token expiration 3600
  9. [root@controller ~]# openstack-config --set /etc/keystone/keystone.conf token provider fernet

Configure Httpd

  1. [root@controller ~]# sed -i "s/#ServerName www.example.com:80/ServerName controller/" /etc/httpd/conf/httpd.conf
  2. [root@controller ~]# sed -i 's/OPTIONS*.*/OPTIONS="-l 127.0.0.1,::1,10.1.1.61"/' /etc/sysconfig/memcached
  3. [root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

Synchronize Database

  1. [root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

Setup KeyStone

  1. [root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
  2. [root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

Start Httpd Service

  1. [root@controller ~]# systemctl enable httpd.service
  2. [root@controller ~]# systemctl restart httpd.service
  3. [root@controller ~]# systemctl status httpd.service

List Httpd Service

  1. [root@controller ~]# systemctl list-unit-files |grep httpd.service
  2. <strong>httpd.service enabled </strong>

Create Admin Role

  1. [root@controller ~]# keystone-manage bootstrap \
  2. --bootstrap-password password \
  3. --bootstrap-username admin \
  4. --bootstrap-project-name admin \
  5. --bootstrap-role-name admin \
  6. --bootstrap-service-name keystone \
  7. --bootstrap-region-id RegionOne \
  8. --bootstrap-admin-url http://controller:35357/v3 \
  9. --bootstrap-internal-url http://controller:35357/v3 \
  10. --bootstrap-public-url http://controller:5000/v3

List OpenStack Project

  1. [root@controller ~]# openstack project list --os-username admin --os-project-name admin --os-user-domain-id default --os-project-domain-id default --os-identity-api-version 3 --os-auth-url http://controller:5000 --os-password password

Configure Admin Resource

  1. [root@controller ~]# cat /root/admin-openrc
  2. export OS_USER_DOMAIN_ID=default
  3. export OS_PROJECT_DOMAIN_ID=default
  4. export OS_USERNAME=admin
  5. export OS_PROJECT_NAME=admin
  6. export OS_PASSWORD=password
  7. export OS_IDENTITY_API_VERSION=3
  8. export OS_IMAGE_API_VERSION=2
  9. export OS_AUTH_URL=http://controller:35357/v3

Create OpenStack Project

  1. [root@controller ~]# source /root/admin-openrc
  2.  
  3. [root@controller ~]# openstack project create --domain default --description "Service Project" service
  4. [root@controller ~]# openstack project create --domain default --description "Demo Project" demo
  5. [root@controller ~]# openstack user create --domain default demo --password password
  6.  
  7. [root@controller ~]# openstack role create user
  8. [root@controller ~]# openstack role add --project demo --user demo user
  9.  
  10. [root@controller ~]# unset OS_TOKEN OS_URL
  11. [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue --os-password password
  12. [root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name demo --os-username demo token issue --os-password password

Controller — RabbitMQ

Install RabbitMQ

  1. [root@controller ~]# yum install erlang -y
  2. [root@controller ~]# yum install rabbitmq-server -y

Start RabbitMQ Service

  1. [root@controller ~]# systemctl enable rabbitmq-server.service
  2. [root@controller ~]# systemctl restart rabbitmq-server.service
  3. [root@controller ~]# systemctl status rabbitmq-server.service

List RabbitMQ Service

  1. [root@controller ~]# systemctl list-unit-files |grep rabbitmq-server.service
  2. <strong>rabbitmq-server.service enable</strong>

Configure RabbitMQ

  1. [root@controller ~]# rabbitmqctl add_user openstack password
  2. [root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
  3. [root@controller ~]# rabbitmqctl set_user_tags openstack administrator
  4. [root@controller ~]# rabbitmqctl list_users

Check The Status

  1. [root@controller ~]# netstat -ntlp |grep 5672
  2. tcp 0 0 0.0.0.0:<strong>15672</strong> 0.0.0.0:* LISTEN 1025/beam
  3. tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 1025/beam
  4. tcp6 0 0 :::5672 :::* LISTEN 1025/beam

List Plugin

  1. [root@controller ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins list
  2. [E] amqp_client 3.3.5
  3. [ ] cowboy 0.5.0-rmq3.3.5-git4b93c2d
  4. [ ] eldap 3.3.5-gite309de4
  5. [E] mochiweb 2.7.0-rmq3.3.5-git680dba8
  6. [ ] rabbitmq_amqp1_0 3.3.5
  7. [ ] rabbitmq_auth_backend_ldap 3.3.5
  8. [ ] rabbitmq_auth_mechanism_ssl 3.3.5
  9. [ ] rabbitmq_consistent_hash_exchange 3.3.5
  10. [ ] rabbitmq_federation 3.3.5
  11. [ ] rabbitmq_federation_management 3.3.5
  12. [E] rabbitmq_management 3.3.5
  13. [E] rabbitmq_management_agent 3.3.5
  14. [ ] rabbitmq_management_visualiser 3.3.5
  15. [ ] rabbitmq_mqtt 3.3.5
  16. [ ] rabbitmq_shovel 3.3.5
  17. [ ] rabbitmq_shovel_management 3.3.5
  18. [ ] rabbitmq_stomp 3.3.5
  19. [ ] rabbitmq_test 3.3.5
  20. [ ] rabbitmq_tracing 3.3.5
  21. [E] rabbitmq_web_dispatch 3.3.5
  22. [ ] rabbitmq_web_stomp 3.3.5
  23. [ ] rabbitmq_web_stomp_examples 3.3.5
  24. [ ] sockjs 0.3.4-rmq3.3.5-git3132eb9
  25. [E] webmachine 1.10.3-rmq3.3.5-gite9359c7

Enable Plugin

  1. [root@controller ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent

Restart RabbitMQ Service

  1. [root@controller ~]# systemctl restart rabbitmq-server

Now, Take the Browser

http://9.1.1.61:15672

 

username/password :

guest/guest
openstack/password