Installing and testing OpenStack Folsom on a virgin Debian GNU/Linux wheezy takes less than one hour. A set of packages is archived to make sure it keeps working. After checking the pre-requisites such as a public and private interface, the packages are installed and debconf questions answered as instructed.
The networks must then be created with
nova-manage network create private --fixed_range_v4=10.20.0.0/16 \ --network_size=256 --num_networks=2 --vlan=100
/etc/nova/nova.conf is updated to set vlan_interface=dummy0, public_interface=eth0 and fixed_range=10.20.0.0/16. /etc/nova/nova-compute.conf is updated to use LibvirtBridgeDriver and an instance can be booted with:
nova boot --poll --flavor m1.tiny --image cirrOS-0.3.0-x86_64 \ --key_name loic test
Pre-requisites
In the following list of pre-requisites, the values are use throughout this HOWTO and should be replaced with values matching the target machine configuration and the intented usage.
- 10GB: in / for the system and the logs
- 10GB: in /var/lib/nova for instances root disks
- 10GB: in /var/lib/glance for bootable images
- eth0: public network interface, i.e. where public IP are bound
- dummy0: private network interface
- 192.168.42.1: private IP address on dummy0
- volumes: LVM volume group dedicated to cinder
Add folsom packages
cat > /etc/apt/sources.list.d/folsom.list <<EOF deb http://openstack.dachary.org/2013-01-13 ./ deb-src http://openstack.dachary.org/2013-01-13 ./ EOF apt-get update
Configuring dummy0
If the bare metal machine does not have two physical network interfaces, one can be created with:
cat >> /etc/network/interfaces <<EOF
auto dummy0
iface dummy0 inet static
address 192.168.42.1
netmask 255.255.255.0
network 192.168.42.0
broadcast 192.168.42.255
EOF
ifup dummy0
Configuring the packages
The MySQL root database password is not set. When asked by debconf, return is hit and no string is typed. The answers to the other debconf questions are archived together with the questions as they show when using DEBIAN_FRONTENT=readline.
debconf-set-selections <<EOF # Will this server be used to access remote databases? dbconfig-common dbconfig-common/remote-questions-default boolean true # Keep "administrative" database passwords? dbconfig-common dbconfig-common/remember-admin-pass boolean yes EOF apt-get install -y dbconfig-common apt-get install -y mysql-server apt-get install -y --force-yes keystone apt-get install -y --force-yes python-cinderclient python-glanceclient memcached rabbitmq-server ntp cinder-api cinder-scheduler glance nova-api nova-console nova-scheduler nova-xvpvncproxy openstack-dashboard-apache nova-api nova-cert nova-compute nova-compute-kvm nova-network cinder-volume iscsitarget
Manual configuration
Networks are added to be used by tenants
nova-manage network create private --fixed_range_v4=10.20.0.0/16 --network_size=256 --num_networks=2 --vlan=100
and show with
nova-manage network list id IPv4 IPv6 start address ... 1 10.20.0.0/24 None 10.20.0.3 ... 2 10.20.1.0/24 None 10.20.1.3 ...
sed -i -e 's/^vlan_interface.*/vlan_interface=dummy0/' \
-e 's/^#public_interface.*/public_interface=eth0/' \
-e 's:^#fixed_range.*:fixed_range=10.20.0.0/16:' \
/etc/nova/nova.conf
sed -i -e 's/^libvirt_vif_driver=.*/libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtBridgeDriver/' /etc/nova/nova-compute.conf
/etc/init.d/nova-compute restart
/etc/init.d/nova-api restart
/etc/init.d/nova-scheduler restart
Testing the installation
Immediately after the keystone installation, a single service is registered
keystone --token ADMIN --endpoint http://192.168.42.1:35357/v2.0/ service-list +----------------------------------+----------+----------+---------------------------+ | id | name | type | description | +----------------------------------+----------+----------+---------------------------+ n| cf8327d7e9934fdf98d7a9a6e6346369 | keystone | identity | Keystone Identity Service | +----------------------------------+----------+----------+---------------------------+
The services are displayed with
# nova-manage service list Binary Host Zone Status State Updated_At nova-cert wheezy nova enabled :-) 2013-01-13 22:38:20 nova-compute wheezy nova enabled :-) 2013-01-13 22:38:22 nova-console wheezy nova enabled :-) 2013-01-13 22:38:22 nova-consoleauth wheezy nova enabled :-) 2013-01-13 22:38:22 nova-network wheezy nova enabled :-) 2013-01-13 22:38:15 nova-scheduler wheezy nova enabled :-) 2013-01-13 22:38:15
The client credential are exported with
export OS_PASSWORD=ADMIN export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/ export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_VERSION=1.1 export OS_NO_CACHE=1
An image ( bootable disk image ) is uploaded
# wget https://launchpadlibrarian.net/83305348/cirros-0.3.0-x86_64-disk.img glance add name="cirrOS-0.3.0-x86_64" is_public=true \ container_format=bare \ disk_format=qcow2 < cirros-0.3.0-x86_64-disk.img
and shows with
# nova image-list +--------------------------------------+---------------------+--------+--------+ | ID | Name | Status | Server | +--------------------------------------+---------------------+--------+--------+ | 0fd5cd47-fdc5-4627-a962-ef0783378ca2 | cirrOS-0.3.0-x86_64 | ACTIVE | | +--------------------------------------+---------------------+--------+--------+
A keypair ( ssh public key ) is uploaded
# cat > loic-rsa.pub <<EOF ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApKfP/I/WoSeX7MAFGpdntC56oHk0wJNn+qy0cud321yTaZRReJGQyqhoBk/sXsnqF4mOpXTf3+Ao1hQIiFazR5Fbmvk7DR0nKj8sGPV0iJB1F0+eyL+w7mgPyD8VDCw+ygCWG4ghMfeGKRAJQweO4v7rFx61UeYDxNk3roOgeuM= loic@inspiron.dachary.org EOF nova keypair-add --pub_key loic-rsa.pub loic
and shows with
# nova keypair-list +------+-------------------------------------------------+ | Name | Fingerprint | +------+-------------------------------------------------+ | loic | e0:a3:ab:5f:01:54:5c:1d:19:40:d9:62:b4:b3:a1:0b | +------+-------------------------------------------------+
An instance is created
nova boot --poll --flavor m1.tiny --image cirrOS-0.3.0-x86_64 --key_name loic test
and shows with
nova list +--------------------------------------+------+--------+---------------------+ | ID | Name | Status | Networks | +--------------------------------------+------+--------+---------------------+ | f70f1f97-c537-4cec-964d-75354836ec30 | test | ACTIVE | private_0=10.20.0.3 | +--------------------------------------+------+--------+---------------------+
The default login is cirros :
ssh cirros@10.20.0.3 $
Troubleshooting
To figure out which line of code issues a message or raises an exception:
python -u -m trace --trace /usr/bin/keystone ...
To list the debconf answers:
apt-get install debconf-utils debconf-get-selections | grep '^keystone'
If debconf-set-selections displays error: Cannot find a question for... run:
/usr/share/debconf/fix_db.pl
To debug or fix a postinstall script, rebuild the package with:
apt-get build-dep glance apt-get source glance # ... edit debian/glance-common.postinst ... ( cd glance-* ; DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -uc -us ) dpkg -i glance-common*.deb
The openstack-pkg-tools provides functions used in all packages and it does not support DEBIAN_FRONTEND=noninteractive The following does not work :
AUTH_TOKEN=ADMIN # token used by services to dialog with keystone
wget -qO - http://openstack.dachary.org/2013-01-13/folsom-example-preseed.txt |
sed -e "s/ENDPOINT_IP/$(facter ipaddress_eth0)/" \
-e "s/PRIVATE_IP/$(facter ipaddress_dummy0)/" \
-e "s/AUTH_TOKEN/$AUTH_TOKEN/" \
| debconf-set-selections
export DEBIAN_FRONTEND=noninteractive
The symptom of the problem can be seen during installation when the following output shows:
error encountered determining package or command: dbconfig-common can not determine the maintainer script running it.
folsom packages for wheezy
The pacakges used for this installation are archived and can be used with:
cat > /etc/apt/sources.list.d/folsom.list <<EOF deb http://openstack.dachary.org/2013-01-13 ./ deb-src http://openstack.dachary.org/2013-01-13 ./ EOF
The repository was created assuming the target architecture is amd64 with
# lftp http://ftp.gplhost.com/debian/pool/
cd ok, cwd=/debian/pool
lftp ftp.gplhost.com:/debian/pool> mirror wheezy-backports
Total: 13 directories, 71 files, 0 symlinks
New: 71 files, 0 symlinks
14148861 bytes transferred in 18 seconds (788.4K/s)
lftp ftp.gplhost.com:/debian/pool> mirror openstack
Total: 41 directories, 268 files, 0 symlinks
New: 268 files, 0 symlinks
93028948 bytes transferred in 77 seconds (1.15M/s)
# rm wheezy-backports/main/*/*/*{arm,i386,powerpc,freebsd,mips,s390,sparc}*
# dpkg-scansources . /dev/null | gzip > Sources.gz
# dpkg-scanpackages . /dev/null | gzip > Packages.gz
I am using your guide (http://openstack.dachary.org/2013-01-13/) to install folsom. I made a few changes one of them to include Cinder in the install. After the installation I notice that cinder-api is down and that when I try doing a
cinder listI get this on the nova-api.log :2013-07-26 15:29:27 25336 ERROR keystone.middleware.auth_token [-] HTTP connection exception: [Errno -2] Name or service not known
2013-07-26 15:29:27 25336 WARNING keystone.middleware.auth_token [-] Authorization failed for token aceb71f6c29847b2b5ac726c9e3cb4b6
2013-07-26 15:29:27 25336 INFO keystone.middleware.auth_token [-] Invalid user token - rejecting request
I traced it down to the api-paste.ini for cinder where I noticed this line
auth_host = "192.168.42.1 "after removing the “” and restarting the services
cinder listworks fine and so does everything else. But I am bothered by these aphostrophes, I looked through the packages you are hosting and I could not find it. Any ideas? Anyways thanks for this guide.The cinder packages from this repository are broken. I’m not aware of a cinder package that would work for Debian GNU/Linux and Folsom. You should try asking on irc://irc.oftc.net#debian-openstack
Thanks, I will check that out. I noticed that http://openstack.dachary.org/2013-01-13 is not up. Do you have the archived packages available elsewhere? I should have probably made a copy.