How to Create a personal cloud at home using Openstack
This document shows how to spin up a proof of concept cloud on 3 nodes, using the Packstack installation utility.
The hardware configuration used in this guide:
- 1x Dlink DR-600 router to provide access to and from internet using NAT, Firewall,...
- 1x Dlink switch to provide communication between machines
- 3x physical machines with hardware virtualization extensions, and at least one network adapter:
- compute01: 8cpu | 32G RAM | 1,8T data | 192.168.1.101 | CentOS 7 x86_64
- compute02: 8cpu | 32G RAM | 500G data | 192.168.1.102 | CentOS 7 x86_64
- compute03: 4cpu | 16G RAM | 500G data | 192.168.1.103 | CentOS 7 x86_64
Run the following commands on the first node "Compute01" us root user
Starting installation on the first node that going to act as a controller and compute node at the same time.
If you are using non-English locale make sure your /etc/environment is populated:
echo "LANG=en_US.utf-8
LC_ALL=en_US.utf-8" >> /etc/environment
Adding other nodes addresses in /etc/hosts
echo "192.168.1.101 compute01
192.168.1.102 compute02
192.168.1.103 compute03" >> /etc/hosts
If your system meets all the prerequisites mentioned below, proceed with running the following commands.
- Red Hat Enterprise Linux (RHEL) 7 is the minimum recommended version, or the equivalent version of one of the RHEL-based Linux distributions such as CentOS, Scientific Linux, and so on. x86_64 is currently the only supported architecture.
- Machine with at least 16GB RAM, processors with hardware virtualization extensions, and at least one network adapter.
Update your current packages:
yum update -y
If you plan on having external network access to the server and instances, this is a good moment to properly configure your network settings. A static IP address to your network card, and disabling NetworkManager are good ideas.
systemctl disable firewalld
systemctl stop firewalld
systemctl disable NetworkManager
systemctl stop NetworkManager
systemctl enable network
systemctl start network
yum update -y
On CentOS 7, the Extras repository provides the RPM that enables the OpenStack repository. Extras is enabled by default on CentOS 8, so you can simply install the RPM to set up the OpenStack repository:
yum install -y centos-release-openstack-rocky
yum update -y
Install Packstack Installer:
yum install -y openstack-packstack
In case you have additional Hard drives, you can use them to extend cinder storage capacity as lvm backend. To add 2 disks mounted on /dev/sdb and /dev/sdc run the following commands:
For the first disk /dev/sdb :
Creates an XFS file system with an internal log on the /dev/sdb disk:
mkfs.xfs -f -L "HomeLabStore" /dev/sdb
Next we will use the pvcreate command to create a physical volume for later use by the LVM. In this case the physical volume will be our new /dev/sdb:
pvcreate -y /dev/sdbNow using the vgextend command, we extend the centos volume group by adding in the physical volume of /dev/sdb which we created using the pvcreate command just before.
vgextend centos /dev/sdbThe logical volume is then extended using the lvextend command. We are extending the original logical volume of /dev/centos/root over the newer /dev/sdb
lvextend -l +100%FREE /dev/centos/rootGrow the file system with :
xfs_growfs /check the changes:
lvmdiskscan -l
df -hFor the second disk /dev/sdc :
Creates an XFS file system with an internal log on the /dev/sdc disk:
mkfs.xfs -f -L "HomeLabStore" /dev/sdc
Next we will use the pvcreate command to create a physical volume for later use by the LVM. In this case the physical volume will be our new /dev/sdc:
pvcreate -y /dev/sdc
Now using the vgextend command, we extend the centos volume group by adding in the physical volume of /dev/sdc which we created using the pvcreate command just before.
vgextend centos /dev/sdc
The logical volume is then extended using the lvextend command. We are extending the original logical volume of /dev/centos/root over the newer /dev/sdc
lvextend -l +100%FREE /dev/centos/rootGrow the file system with :
xfs_growfs /
check the changes:
lvmdiskscan -l
df -h
Reboot The node :
rebootPackstack takes the work out of manually setting up OpenStack. For a single node OpenStack deployment (we will add other nodes in a second deployment), run the following command:
packstack
--allinone --provision-demo=n --os-neutron-l2-agent=openvswitch
--os-neutron-ml2-mechanism-drivers=openvswitch
--os-neutron-ml2-tenant-network-types=vxlan
--os-neutron-ml2-type-drivers=flat,vlan,gre,vxlan
--os-neutron-ovs-bridge-mappings=extnet:br-ex
--os-neutron-ovs-bridge-interfaces=br-ex:p3p1This means, we will bring up the interface and plug it into br-ex OVS bridge as a port, providing the uplink connectivity. And will define a logical name for our external physical L2 segment as "extnet". Later we will reference to our provider network by the name when creating external networks.
Some useful commands to check network configuration:
ovs-vsctl list-br
cat /etc/sysconfig/network-scripts/ifcfg-p3p1
cat /etc/sysconfig/network-scripts/ifcfg-br-ex
ovs-vsctl list-ports br-tun
ovs-vsctl list-ports br-int
ovs-vsctl list-ports br-ex
cat /etc/neutron/plugins/ml2/ml2_conf.ini |grep type_drivers
cat /etc/neutron/plugins/ml2/ml2_conf.ini |grep tenant_network_types
cat /etc/neutron/plugins/ml2/ml2_conf.ini |grep flat_networks
cat /etc/neutron/plugins/ml2/ml2_conf.ini |grep vni_ranges
cat /etc/neutron/plugins/ml2/openvswitch_agent.ini |grep tunnel_types -B12
cat /etc/neutron/plugins/ml2/openvswitch_agent.ini |grep l2_population
cat /etc/neutron/plugins/ml2/openvswitch_agent.ini |grep prevent_arp_spoofing
cat /etc/neutron/plugins/ml2/openvswitch_agent.ini |grep bridge_mappingsReboot The node :
rebootNow, create the external network with Neutron.
source keystonerc_admin
neutron net-create external_network --provider:network_type flat --provider:physical_network extnet --router:externalPlease note: "extnet" is the L2 segment we defined with –os-neutron-ovs-bridge-mappings above.
You need to create a public subnet with an allocation range outside of your external DHCP range and set the gateway to the default gateway of the external network.
neutron
subnet-create --name public_subnet --enable_dhcp=False
--allocation-pool=start=192.168.1.110,end=192.168.1.210
--gateway=192.168.1.254 external_network 192.168.1.0/24Get a cirros image, not provisioned without demo provisioning:
curl
-L http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img |
glance image-create --name='cirros image' --visibility=public
--container-format=bare --disk-format=qcow2Since you haven't created a project and user yet:
openstack project create --enable homelab
openstack user create --project homelab --password SuperPassw0Rd --email [email protected] --enable ymaachi
Now, let's create a source file to easily switch to the newly created user:
echo " export OS_USERNAME=ymaachi
export OS_PASSWORD='SuperPassw0Rd'
export OS_TENANT_NAME=homelab
export PS1='[\u@\h \W(keystone_ymaachi)]\$ '" > keystonerc_ymaachi
Then create a router and set its gateway using the external network created by the admin in one of previous steps:
neutron router-create homelab_router
neutron router-gateway-set homelab_router external_networkNow create a private network and a subnet in it, since demo provisioning has been disabled:
neutron net-create homelab_network
neutron
subnet-create --name homelab_subnet --gateway 192.168.100.1
--dns-nameserver 192.168.1.254 --dns-nameserver 8.8.8.8 --dns-nameserver
4.4.4.4 homelab_network 192.168.100.0/24Finally, connect your new private network to the public network through the router, which will provide floating IP addresses.
neutron router-interface-add homelab_router homelab_subnetImport an ssh key to access to instances (you can generate your own key):
openstack keypair create --public-key ~/.ssh/id_rsa.pub rootATcompute01Create a security group to authorize ssh access to instances:
openstack security group create secgroup01
openstack security group rule create --protocol icmp --ingress secgroup01
openstack security group rule create --protocol tcp --dst-port 22:22 secgroup01
openstack security group rule list Run the following commands on the second node "Compute02" as root user
If you are using non-English locale make sure your /etc/environment is populated:
echo "LANG=en_US.utf-8
LC_ALL=en_US.utf-8" >> /etc/environmentAdding other nodes addresses in /etc/hosts
echo "192.168.1.101 compute01
192.168.1.102 compute02
192.168.1.103 compute03" >> /etc/hostsIf your system meets all the prerequisites mentioned below, proceed with running the following commands.
- Red Hat Enterprise Linux (RHEL) 7 is the minimum recommended version, or the equivalent version of one of the RHEL-based Linux distributions such as CentOS, Scientific Linux, and so on. x86_64 is currently the only supported architecture.
Update your current packages:
yum update -yIf you plan on having external network access to the server and instances, this is a good moment to properly configure your network settings. A static IP address to your network card, and disabling NetworkManager are good ideas.
systemctl disable firewalld
systemctl stop firewalld
systemctl disable NetworkManager
systemctl stop NetworkManager
systemctl enable network
systemctl start network
yum update -yOn CentOS 7, the Extras repository provides the RPM that enables the OpenStack repository. Extras is enabled by default on CentOS 8, so you can simply install the RPM to set up the OpenStack repository:
yum install -y centos-release-openstack-rocky
yum update -yReboot The node :
rebootRun the following on the third node "Compute03" as root user
If you are using non-English locale make sure your /etc/environment is populated:
echo "LANG=en_US.utf-8
LC_ALL=en_US.utf-8" >> /etc/environmentAdding other nodes addresses in /etc/hosts
echo "192.168.1.101 compute01
192.168.1.102 compute02
192.168.1.103 compute03" >> /etc/hostsIf your system meets all the prerequisites mentioned below, proceed with running the following commands.
- Red
Hat Enterprise Linux (RHEL) 7 is the minimum recommended version, or
the equivalent version of one of the RHEL-based Linux distributions such
as CentOS, Scientific Linux, and so on. x86_64 is currently the only
supported architecture.
Update your current packages:
yum update -yIf
you plan on having external network access to the server and instances,
this is a good moment to properly configure your network settings. A
static IP address to your network card, and disabling NetworkManager are
good ideas.
systemctl disable firewalld
systemctl stop firewalld
systemctl disable NetworkManager
systemctl stop NetworkManager
systemctl enable network
systemctl start network
yum update -yOn
CentOS 7, the Extras repository provides the RPM that enables the
OpenStack repository. Extras is enabled by default on CentOS 8, so you
can simply install the RPM to set up the OpenStack repository:
yum install -y centos-release-openstack-rocky
yum update -yReboot The node :
rebootRun the following commands on the controller node (the first node) "Compute01" as root user
First, edit the "answer file" generated during the initial Packstack setup. You'll find the file in the directory from which you ran Packstack.
Note: By default, $youranswerfile is called packstack-answer-$date-$time.txt.
vi packstack-answers-20210604-163902.txtIf you want to have your new node as the only compute node, change the value for CONFIG_COMPUTE_HOSTS from the value of your first host IP address to the value of your second host IP address. You can also have both systems as compute nodes, if you add them as a comma-separated list:
CONFIG_COMPUTE_HOSTS=192.168.1.101,192.168.1.102,192.168.1.103You can change the following values to install these additional services in you Home Cloud :
CONFIG_MANILA_INSTALL=y
CONFIG_PANKO_INSTALL=y
CONFIG_SAHARA_INSTALL=y
CONFIG_HEAT_INSTALL=y
CONFIG_MAGNUM_INSTALL=y
CONFIG_TROVE_INSTALL=y
CONFIG_NEUTRON_FWAAS=y
CONFIG_NEUTRON_VPNAAS=yRun Packstack again, specifying your modified "answer file":
packstack --answer-file=packstack-answers-20210604-163902-second-deployment.txtThe installer will ask you to enter the root password for each host node you are installing on the network, to enable remote configuration of the host so it can remotely configure each node using Puppet.
Install manila UI in Horizon:
yum install -y openstack-manila-uiCustomize Horizon Logo:
mv
/usr/share/openstack-dashboard/static/dashboard/img/logo-splash.svg
/usr/share/openstack-dashboard/static/dashboard/img/logo-splash.svg.old
mv /usr/share/openstack-dashboard/static/dashboard/img/logo.svg /usr/share/openstack-dashboard/static/dashboard/img/logo.svg.old
mv
/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo.svg
/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo.svg.old
mv
/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo-splash.svg
/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo-splash.svg.oldFrom your computer, copy the new logo to horizon in order to replace openstack default logo:
scp
img/Color-logo-no-background.svg
[email protected]:/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo.svg
scp
img/Color-logo-no-background-splash.svg
[email protected]:/usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo-splash.svg
scp img/Color-logo-no-background.svg [email protected]:/usr/share/openstack-dashboard/static/dashboard/img/logo.svg
scp
img/Color-logo-no-background-splash.svg
[email protected]:/usr/share/openstack-dashboard/static/dashboard/img/logo-splash.svgNow from the controller node (compute01), add DNS alias name of Horizon and restard httpd service:
vi /etc/httpd/conf.d/15-horizon_vhost.conf
ServerAlias cloud.yassinemaachi.com
systemctl restart httpd
systemctl restart memcachedOnce the process is complete, you can log in to the OpenStack web interface Horizon by going to http://$YOURIP/dashboard. The user name is admin. The password can be found in the file keystonerc_admin in the /root directory of the control node.
To check the state of all compute nodes in horizon go to Hypervisors section under compute in the admin project:
- [1] https://www.rdoproject.org/install/packstack/
Commentaires
Enregistrer un commentaire