Water's Home

Just another Life Style

0%

Basic Environment

Intel Core i7 processor

32GB memory

512GB SSD + 2TB storage

For example:

Dell OptiPlex 7050 Intel® Core i7 7700 32GB (2x16GB) DDR4-2400 512GB Solid State Drive SATA hard drive 2TB SATA hard drive (7200RPM)

VMware For OpenStack Requirement

3 * Controller

1 CPU (2 Core) 4GB RAM 100 GB Storage 4 NIC(NAT + NAT + HostOnly + HostOnly) Virtualize Intel VT-x/EPT or AMD-V/RVI

2 * Compute

1 CPU (2 Core) 4GB RAM 100 GB Storage 2 NIC(NAT + HostOnly) Virtualize Intel VT-x/EPT or AMD-V/RVI

Create Provider

[root@controller ~]# openstack network create provider –share –external –provider-network-type flat –provider-physical-network provide

Create Provider Sub-Net

[root@controller ~]# openstack subnet create –network provider –allocation-pool start=9.1.1.50,end=9.1.1.90 –dns-nameserver 8.8.8.8 –gateway 9.1.1.1 –subnet-range 9.1.1.0/24 provider-sub

Create Private Network

[root@controller ~]# openstack network create private –provider-network-type vxlan –share –interna

Create Private Sub-Net

[root@controller ~]# openstack subnet create –network private –gateway 192.168.1.1 –subnet-range 192.168.1.0/24 private-subnet

Create Private-Office Network

[root@controller ~]# openstack network create private-office –provider-network-type vxlan –share –internal

Create Private-Office Sub-Net

[root@controller ~]# openstack subnet create –network private-office –gateway 192.168.2.1 –subnet-range 192.168.2.0/24 office-net

Create Private-Sale Network

[root@controller ~]# openstack network create private-sale –provider-network-type vxlan –share –internal

Create Private-Sale Sub-Net

[root@controller ~]# openstack subnet create –network private-sale –gateway 192.168.3.1 –subnet-range 192.168.3.0/24 sale-net

Create Private-Technology Network

[root@controller ~]# openstack network create private-technology –provider-network-type vxlan –share –internal

Create Private-Technology Sub-Net

[root@controller ~]# openstack subnet create –network private-technology –gateway 192.168.4.1 –subnet-range 192.168.4.0/24 technology-net

List Network

[root@controller ~]# openstack network list

Create Provider Router

[root@controller ~]# openstack router create route

Set External-Gateway

[root@controller ~]# openstack router set –external-gateway provider router

Add Route Interface

[root@controller ~]# openstack router add subnet router private-subnet

List Network Agent

[root@controller ~]# openstack network agent list

Install Neutron

[root@compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y

Configure Neutron

[root@compute ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT advertise_mtu True
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT control_exchange neutron
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT nova_url http://controller:8774/v2
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password password
[root@compute ~]# openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Configure LinuxBridge Agent

[root@compute ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@compute ~]# >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT verbose true
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.62
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
[root@compute ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure Nova

[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron url http://controller:9696
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron auth_type password
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron project_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron user_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron project_name service
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron username neutron
[root@compute ~]# openstack-config –set /etc/nova/nova.conf neutron password password

Restart Nova & Neutron

[root@compute ~]# systemctl restart openstack-nova-compute.service
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
[root@compute ~]# systemctl restart neutron-linuxbridge-agent.service
[root@compute ~]# systemctl status openstack-nova-compute.service neutron-linuxbridge-agent.service

Install Compute

[root@compute ~]# yum install openstack-selinux python-openstackclient yum-plugin-priorities openstack-nova-compute openstack-utils -y

Configure Nova

[root@compute ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
[root@compute ~]# openstack-config –set /etc/nova/nova.conf DEFAULT auth_strategy keystone
[root@compute ~]# openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.62
[root@compute ~]# openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
[root@compute ~]# openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@compute ~]# openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
[root@compute ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken password password
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement auth_uri http://controller:5000
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement memcached_servers controller:11211
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement auth_type password
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement project_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement user_domain_name default
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement project_name service
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement username placement
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement password password
[root@compute ~]# openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
[root@compute ~]# openstack-config –set /etc/nova/nova.conf vnc enabled True
[root@compute ~]# openstack-config –set /etc/nova/nova.conf vnc keymap en-us
[root@compute ~]# openstack-config –set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
[root@compute ~]# openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address 10.1.1.62
[root@compute ~]# openstack-config –set /etc/nova/nova.conf vnc novncproxy_base_url http://9.1.1.61:6080/vnc\_auto.html
[root@compute ~]# openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
[root@compute ~]# openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
[root@compute ~]# openstack-config –set /etc/nova/nova.conf libvirt virt_type qemu
[root@compute ~]# openstack-config –set /etc/nova/nova.conf libvirt cpu_mode none

Start Compute Service

[root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl restart libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl status libvirtd.service openstack-nova-compute.service

List Compute Service(Do it on Controller)

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack compute service list

Install Dashboard

[root@controller ~]# yum install openstack-dashboard -y

Update File “local_settings”

[root@controller ~]# cat /etc/openstack-dashboard/local_settings

Restart Httpd & Memcached

[root@controller ~]# systemctl restart httpd.service memcached.service
[root@controller ~]# systemctl status httpd.service memcached.service

Now, Take the Browser

img/Dashboard-V2-2.png)

Create Neutron User

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack user create –domain default neutron –password password
[root@controller ~]# openstack role add –project service –user neutron admin

Create Neutron Service

[root@controller ~]# openstack service create –name neutron –description “OpenStack Networking” network

Create Endpoint

[root@controller ~]# openstack endpoint create –region RegionOne network public http://controller:9696
[root@controller ~]# openstack endpoint create –region RegionOne network internal http://controller:9696
[root@controller ~]# openstack endpoint create –region RegionOne network admin http://controller:9696

Install Neutron

[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

Configure Neutron

[root@controller ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT service_plugins router
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:password@controller/neutron
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova auth_type password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova project_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova user_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova region_name RegionOne
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova project_name service
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova username nova
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova password password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Configure ML2

[root@controller ~]# cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 path_mtu 1500
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True

Configure LinuxBridge Agent

[root@controller ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:enp0s3
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.61
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure L3 Agent

[root@controller ~]# cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT debug false

Configure DHCP Agent

[root@controller ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT verbose True
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT debug false

Configure Neutron For Nova Service

[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron url http://controller:9696
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron auth_plugin password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron project_domain_id default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron user_domain_id default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron project_name service
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron username neutron
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron password password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron service_metadata_proxy True
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron metadata_proxy_shared_secret password

Configure DHCP Option

[root@controller ~]# echo “dhcp-option-force=26,1450” >/etc/neutron/dnsmasq-neutron.conf

Configure Metadata Agent

[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret password
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_workers 4
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT verbose True
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT debug false
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_protocol http

Configure Neutron For ML2

[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Synchronize Database

[root@controller ~]# su -s /bin/sh -c “neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head” neutron

Restart Nova Service

[root@controller ~]# systemctl restart openstack-nova-api.service
[root@controller ~]# systemctl status openstack-nova-api.service

Start Neutron L3 Service

[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

List Neutron Agent

[root@controller ~]# openstack network agent list

Create User For Nova

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack user create –domain default nova –password password
[root@controller ~]# openstack role add –project service –user nova admin

Create Compute Service

[root@controller ~]# openstack service create –name nova –description “OpenStack Compute” compute

Create Nova Endpoint

[root@controller ~]# openstack endpoint create –region RegionOne compute public http://controller:8774/v2.1/%\\(tenant\_id\\)s
[root@controller ~]# openstack endpoint create –region RegionOne compute internal http://controller:8774/v2.1/%\\(tenant\_id\\)s
[root@controller ~]# openstack endpoint create –region RegionOne compute admin http://controller:8774/v2.1/%\\(tenant\_id\\)s

Create Placement

[root@controller ~]# openstack user create –domain default placement –password password
[root@controller ~]# openstack role add –project service –user placement admin
[root@controller ~]# openstack service create –name placement –description “Placement API” placement

Create Placement Endpoint

[root@controller ~]# openstack endpoint create –region RegionOne placement public http://controller:8778
[root@controller ~]# openstack endpoint create –region RegionOne placement admin http://controller:8778
[root@controller ~]# openstack endpoint create –region RegionOne placement internal http://controller:8778

Install Nova

[root@controller ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-cert openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api -y

Configure Nova

[root@controller ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT auth_strategy keystone
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.61
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@controller ~]# openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/nova/nova.conf database connection mysql+pymysql://nova:password@controller/nova
[root@controller ~]# openstack-config –set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:password@controller/nova_api
[root@controller ~]# openstack-config –set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval -1
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken password password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf keystone_authtoken service_token_roles_required True
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement memcached_servers controller:11211
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement auth_type password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement project_domain_name default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement user_domain_name default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement project_name service
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement username placement
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement password password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
[root@controller ~]# openstack-config –set /etc/nova/nova.conf vnc vncserver_listen 10.1.1.61
[root@controller ~]# openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address 10.1.1.61
[root@controller ~]# openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
[root@controller ~]# openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

Configure Nova-Placement

[root@controller ~]# cat /etc/httpd/conf.d/00-nova-placement-api.conf

= 2.4>
Require all granted
Order allow,deny
Allow from all

Restart Httpd

[root@controller ~]# systemctl restart httpd

Synchronize Database

[root@controller ~]# su -s /bin/sh -c “nova-manage api_db sync” nova
[root@controller ~]# su -s /bin/sh -c “nova-manage cell_v2 map_cell0” nova
[root@controller ~]# su -s /bin/sh -c “nova-manage cell_v2 create_cell –name=cell1 –verbose” nova
[root@controller ~]# su -s /bin/sh -c “nova-manage db sync” nova

List Nova Cell

[root@controller ~]# nova-manage cell_v2 list_cells

Start Nova Service

[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl restart openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl status openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

List Nova Status

[root@controller ~]# systemctl list-unit-files grep openstack-nova-*
openstack-nova-api.service enabled
openstack-nova-conductor.service enabled
openstack-nova-console.service disabled
openstack-nova-consoleauth.service enabled
openstack-nova-metadata-api.service disabled
openstack-nova-novncproxy.service enabled
openstack-nova-os-compute-api.service disabled
openstack-nova-scheduler.service enabled
openstack-nova-xvpvncproxy.service disabled

Check Nova Status

[root@controller ~]# nova-status upgrade check

List Nova Service

[root@controller ~]# nova service-list

List Nova Endpoint

[root@controller ~]# openstack endpoint list

Create Glance User Role

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack user create –domain default glance –password password
[root@controller ~]# openstack role add –project service –user glance admin

Create Glance Service

[root@controller ~]# openstack service create –name glance –description “OpenStack Image service” image

Create Endpoint

[root@controller ~]# openstack endpoint create –region RegionOne image public http://controller:9292
[root@controller ~]# openstack endpoint create –region RegionOne image internal http://controller:9292
[root@controller ~]# openstack endpoint create –region RegionOne image admin http://controller:9292

Install Glance

[root@controller ~]# yum install openstack-glance -y

Configure Glance-API

[root@controller ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:password@controller/glance
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken username glance
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken password password
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf glance_store stores file,http
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf glance_store default_store file
[root@controller ~]# openstack-config –set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/

Configure Glance-Registry

[root@controller ~]# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:password@controller/glance
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken memcached_serverscontroller:11211
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken username glance
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken password password
[root@controller ~]# openstack-config –set /etc/glance/glance-registry.conf paste_deploy flavor keystone

Synchronize Database

[root@controller ~]# su -s /bin/sh -c “glance-manage db_sync” glance

Start Glance Service

[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service

Download Cirros Img

[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86\_64-disk.img

Create Glance Image

[root@controller ~]# glance image-create –name “cirros-0.3.5-x86_64” –file cirros-0.3.5-x86_64-disk.img –disk-format qcow2 –container-format bare –visibility public –progress

Download CentOS Cloud Img

[root@controller ~]# wget http://cloud.centos.org/centos/7/images/CentOS-7-x86\_64-GenericCloud-1708.qcow2

Create Glance Image

[root@controller ~]# glance image-create –name “CentOS-7-x86_64” –file CentOS-7-x86_64-GenericCloud-1708.qcow2 –disk-format qcow2 –container-format bare –visibility public –progress

List Glance Image

[root@controller ~]# glance image-list

Install KeyStone

[root@controller ~]# yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached openstack-utils -y

Start Memcached Service

[root@controller ~]# systemctl enable memcached.service
[root@controller ~]# systemctl restart memcached.service
[root@controller ~]# systemctl status memcached.service

Configure KeyStone

[root@controller ~]# cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf database connection mysql://keystone:password@controller/keystone
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf cache backend oslo_cache.memcache_pool
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf cache enabled true
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf cache memcache_servers controller:11211
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf memcache servers controller:11211
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf token expiration 3600
[root@controller ~]# openstack-config –set /etc/keystone/keystone.conf token provider fernet

Configure Httpd

[root@controller ~]# sed -i “s/#ServerName www.example.com:80/ServerName controller/“ /etc/httpd/conf/httpd.conf
[root@controller ~]# sed -i ‘s/OPTIONS*.*/OPTIONS=”-l 127.0.0.1,::1,10.1.1.61”/‘ /etc/sysconfig/memcached
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

Synchronize Database

[root@controller ~]# su -s /bin/sh -c “keystone-manage db_sync” keystone

Setup KeyStone

[root@controller ~]# keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
[root@controller ~]# keystone-manage credential_setup –keystone-user keystone –keystone-group keystone

Start Httpd Service

[root@controller ~]# systemctl enable httpd.service
[root@controller ~]# systemctl restart httpd.service
[root@controller ~]# systemctl status httpd.service

List Httpd Service

[root@controller ~]# systemctl list-unit-files grep httpd.service
httpd.service enabled

Create Admin Role

[root@controller ~]# keystone-manage bootstrap \
–bootstrap-password password \
–bootstrap-username admin \
–bootstrap-project-name admin \
–bootstrap-role-name admin \
–bootstrap-service-name keystone \
–bootstrap-region-id RegionOne \
–bootstrap-admin-url http://controller:35357/v3 \
–bootstrap-internal-url http://controller:35357/v3 \
–bootstrap-public-url http://controller:5000/v3

List OpenStack Project

[root@controller ~]# openstack project list –os-username admin –os-project-name admin –os-user-domain-id default –os-project-domain-id default –os-identity-api-version 3 –os-auth-url http://controller:5000 –os-password password

Configure Admin Resource

[root@controller ~]# cat /root/admin-openrc
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_DOMAIN_ID=default
export OS_USERNAME=admin
export OS_PROJECT_NAME=admin
export OS_PASSWORD=password
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_AUTH_URL=http://controller:35357/v3

Create OpenStack Project

[root@controller ~]# source /root/admin-openrc

[root@controller ~]# openstack project create –domain default –description “Service Project” service
[root@controller ~]# openstack project create –domain default –description “Demo Project” demo
[root@controller ~]# openstack user create –domain default demo –password password

[root@controller ~]# openstack role create user
[root@controller ~]# openstack role add –project demo –user demo user

[root@controller ~]# unset OS_TOKEN OS_URL
[root@controller ~]# openstack –os-auth-url http://controller:35357/v3 –os-project-domain-name default –os-user-domain-name default –os-project-name admin –os-username admin token issue –os-password password
[root@controller ~]# openstack –os-auth-url http://controller:5000/v3 –os-project-domain-name default –os-user-domain-name default –os-project-name demo –os-username demo token issue –os-password password