Tuesday, February 04, 2014

OpenStack: Quick Install using DevStack

Though not a recommended method for installing OpenStack for production, DevStack offers an easy method to install and run an OpenStack cloud either on hardware or even within virtual machine.

In this post, I walk through installing OpenStack using DevStack on an old Sony Vaio laptop on local network. The DevStack site provides instructions for installing OpenStack on Virtual Machines and on Hardware. The detailed instructions for installing OpenStack on a single hardware machine, that I followed, are available at DevStack.

Install Ubuntu Server OS

I repurposed a SONY VAIO laptop for DevStack install that was originally wiped clean with Darik's Boot and Nuke in preparation for disposal.

As DevStack downloads and installs all dependencies, I downloaded 64-bit PC (amd64, x86_64)Ubuntu 12.04 "Precise Pangolin" using Minimal CD mini.iso and burnt a CD on my MacBook Pro.

Booted Sony laptop using the Ubuntu minimal CD and selected Install from Installer boot menu, followed the prompts, and accepted default options for most prompts. It takes over an hour for the installation to download and install the base system.

Installed OpenSSH Server to enable access to Ubuntu server over SSH from my MBP.
$sudo apt-get install openssh-server
Checked whether SSH process is running by using one of the two commands listed below. The output shows process running.
anil@OSCloud:~$ ps aux | grep ssh
root      1394  0.0  0.0   6684  2416 ?        Ss   21:43   0:00 /usr/sbin/sshd -D   
anil      1534  0.0  0.0   4384   836 pts/0    S+   22:06   0:00 grep --color=auto ssh

anil@OSCloud:~$ service ssh status
ssh start/running, process 1394
Checked the IP address of Ubuntu server so that I can remotely access the server.
anil@OSCloud:~$ ifconfig
eth0    Link encap:Ethernet  HWaddr 00:1d:ba:23:9a:c5  
        inet addr:10.0.1.25  Bcast:10.0.1.255  Mask:255.255.255.0
        inet6 addr: fe80::21d:baff:fe23:9ac5/64 Scope:Link
        UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
        RX packets:875 errors:0 dropped:0 overruns:0 frame:0
        TX packets:202 errors:0 dropped:0 overruns:0 carrier:0
        collisions:0 txqueuelen:1000 
        RX bytes:522168 (522.1 KB)  TX bytes:19796 (19.7 KB)
        Interrupt:16 

lo      Link encap:Local Loopback  
        inet addr:127.0.0.1  Mask:255.0.0.0
        inet6 addr: ::1/128 Scope:Host
        UP LOOPBACK RUNNING  MTU:16436  Metric:1
        RX packets:0 errors:0 dropped:0 overruns:0 frame:0
        TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
        collisions:0 txqueuelen:0 
        RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
While trying to access Ubuntu server from MPB over SSH, I received following error.
ANILs-MacBook-Pro:~ anilgupta$ ssh anil@10.0.1.25
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
26:54:a3:4e:cd:a3:6c:80:f3:36:2c:b3:c9:17:f0:db.
Please contact your system administrator.
Add correct host key in /Users/anilgupta/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/anilgupta/.ssh/known_hosts:6
RSA host key for 10.0.1.25 has changed and you have requested strict checking.
Host key verification failed.
This is well-known error when there is fingerprint mismatch between the host (Ubuntu Server) and client (MBP). In this case, as there is no malicious attempt, I removed the offending key from MBP using ssh-keygen -R command.
ANILs-MacBook-Pro:~ anilgupta$ ssh-keygen -R 10.0.1.25
# Host 10.0.1.25 found: line 6 type RSA
/Users/anilgupta/.ssh/known_hosts updated.
Original contents retained as /Users/anilgupta/.ssh/known_hosts.old
After removing the offending key, I was able to successfully SSH into Ubuntu Server.
ANILs-MacBook-Pro:~ anilgupta$ ssh anil@10.0.1.25
The authenticity of host '10.0.1.25 (10.0.1.25)' can't be established.
RSA key fingerprint is 26:54:a3:4e:cd:a3:6c:80:f3:36:2c:b3:c9:17:f0:db.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.1.25' (RSA) to the list of known hosts.
anil@10.0.1.25's password: 
Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.2.0-58-generic-pae i686)

* Documentation:  https://help.ubuntu.com/
Last login: Tue Jan 28 21:40:01 2014
Gave sudo privileges to anil user account
anil@OSCloud:~$ sudo visudo
A file /etc/sudoers.tmp was opened in nano editor. Added the following line to the opened file and then saved using ^X.
anil    ALL=(ALL) NOPASSWD: ALL
At this point, the Ubuntu server is ready for DevStack install.

Install DevStack

Before installing DevStack, it is good idea to review DevStack GitHub ReadMe file. A few points that stood out in this file for me were:
  • Be sure to carefully read stack.sh and any other scripts your execute before you run them, as they install software and will alter your networking configuration.
  • The DevStack master branch generally points to trunk versions of OpenStack components. For older, stable versions, look for branches names stable/[release] in DevStack repo.
  • You can also pick specific OpenStack project releases by setting the appropriate *_BRANCH variables in the localrc section of local.conf.
  • You can override environment variables used in stack.sh by creating file name local.conf with a localrc section.
  • Swift is disabled by default. When, it is configured with only one replica to avoid being IO/memory intensive.
The last point was particularly important for my install as I really would like to understand storage components in OpenStack.
Install Git distributed version control system.
anil@OSCloud:~$ sudo apt-get install git -y
[sudo] password for anil: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
    git-man liberror-perl patch
Suggested packages:
    git-daemon-run git-daemon-sysvinit git-doc git-el git-arch git-cvs git-svn
    git-email git-gui gitk gitweb diffutils-doc
The following NEW packages will be installed:
    git git-man liberror-perl patch
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 6,703 kB of archives.
After this operation, 15.5 MB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com/ubuntu/ precise/main liberror-perl all 0.17-1 [23.8 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu/ precise/main git-man all 1:1.7.9.5-1 [630 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu/ precise/main git i386 1:1.7.9.5-1 [5,963 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu/ precise/main patch i386 2.6.1-3 [86.0 kB]
Fetched 6,703 kB in 16s (409 kB/s)                                             
Selecting previously unselected package liberror-perl.
Reading database ... 46735 files and directories currently installed.)
Unpacking liberror-perl (from .../liberror-perl_0.17-1_all.deb) ...
Selecting previously unselected package git-man.
Unpacking git-man (from .../git-man_1%3a1.7.9.5-1_all.deb) ...
Selecting previously unselected package git.
Unpacking git (from .../git_1%3a1.7.9.5-1_i386.deb) ...
Selecting previously unselected package patch.
Unpacking patch (from .../patch_2.6.1-3_i386.deb) ...
Processing triggers for man-db ...
Setting up liberror-perl (0.17-1) ...
Setting up git-man (1:1.7.9.5-1) ...
Setting up git (1:1.7.9.5-1) ...
Setting up patch (2.6.1-3) ...
Clone the DevStack repository from GitHub.
anil@OSCloud:~$ git clone https://github.com/openstack-dev/devstack.git
Cloning into 'devstack'...
remote: Reusing existing pack: 14896, done.
remote: Total 14896 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (14896/14896), 3.55 MiB | 1.59 MiB/s, done.
Resolving deltas: 100% (10138/10138), done.
Change to devstack directory.
anil@OSCloud:~$ cd devstack
anil@OSCloud:~/devstack$ ls -la
total 260
drwxr-xr-x 11 anil anil  4096 Jan 29 12:15 .
drwxr-xr-x  4 anil anil  4096 Jan 29 12:15 ..
-rw-rw-r--  1 anil anil  1857 Jan 29 12:15 AUTHORS
-rwxrwxr-x  1 anil anil  2871 Jan 29 12:15 clean.sh
drwxrwxr-x  2 anil anil  4096 Jan 29 12:15 driver_certs
-rw-rw-r--  1 anil anil  1552 Jan 29 12:15 eucarc
-rw-rw-r--  1 anil anil  1145 Jan 29 12:15 exerciserc
drwxrwxr-x  2 anil anil  4096 Jan 29 12:15 exercises
-rwxrwxr-x  1 anil anil  1962 Jan 29 12:15 exercise.sh
drwxrwxr-x  2 anil anil  4096 Jan 29 12:15 extras.d
drwxrwxr-x  7 anil anil  4096 Jan 29 12:15 files
-rw-rw-r--  1 anil anil 66652 Jan 29 12:15 functions
drwxrwxr-x  8 anil anil  4096 Jan 29 12:15 .git
-rw-rw-r--  1 anil anil   226 Jan 29 12:15 .gitignore
-rw-rw-r--  1 anil anil    81 Jan 29 12:15 .gitreview
-rw-rw-r--  1 anil anil 11243 Jan 29 12:15 HACKING.rst
drwxrwxr-x  6 anil anil  4096 Jan 29 12:15 lib
-rw-rw-r--  1 anil anil 10143 Jan 29 12:15 LICENSE
-rw-rw-r--  1 anil anil   259 Jan 29 12:15 .mailmap
-rw-rw-r--  1 anil anil  3343 Jan 29 12:15 openrc
-rw-rw-r--  1 anil anil 14473 Jan 29 12:15 README.md
-rwxrwxr-x  1 anil anil   638 Jan 29 12:15 rejoin-stack.sh
-rwxrwxr-x  1 anil anil   870 Jan 29 12:15 run_tests.sh
drwxrwxr-x  2 anil anil  4096 Jan 29 12:15 samples
-rw-rw-r--  1 anil anil 12425 Jan 29 12:15 stackrc
-rwxrwxr-x  1 anil anil 43835 Jan 29 12:15 stack.sh
drwxrwxr-x  2 anil anil  4096 Jan 29 12:15 tests
drwxrwxr-x  6 anil anil  4096 Jan 29 12:15 tools
-rwxrwxr-x  1 anil anil  3769 Jan 29 12:15 unstack.sh
Make a copy of local.conf file from devstack/samples folder to devstack folder
anil@OSCloud:~/devstack$ cp samples/local.conf local.conf
Open local.conf file in editor and add the listed configuration changes in [[local|localrc]] section. I chose to have same password as ADMIN for other accounts. I also chose to enable Swift. Save the file.
anil@OSCloud:~/devstack$ nano local.conf

ADMIN_PASSWORD = select_password
MYSQL_PASSWORD = select_password
RABBIT_PASSWORD = select_password
SERVICE_PASSWORD = $ADMIN_PASSWORD

enable_service s-proxy s-object s-container s-account

Run DevStack using stack.sh.

anil@OSCloud:~/devstack$ ./stack.sh
[sudo] password for anil: 
Using mysql database backend

################################################################################
ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN.
################################################################################
This value will be written to your localrc file so you don't have to enter it 
again.  Use only alphanumeric characters.
If you leave this blank, a random default value will be used.
Enter a password now:
select_password
2014-01-29 12:48:57 + echo_summary 'Installing package prerequisites'
...
Once install finishes, access information for the OpenStack cloud is displayed.
Horizon is now available at http://10.0.1.25/
Keystone is serving at http://10.0.1.25:5000/v2.0/
Examples on using novaclient command line is in exercise.sh
The default users are: admin and demo
The password: select_password
This is your host ip: 10.0.1.25
stack.sh completed in 339 seconds.
The OpenStack logs are stored in /opt/stack/logs directory. The latest detailed log can be accessed using symlink /opt/stack/logs/stack.sh.log. Unless there are errors, the latest summary log symlink /opt/stack/logs/stack.sh.log.summary is sufficient to check for installed, configured, and status of services.
anil@OSCloud:~/devstack$ cat /opt/stack/logs/stack.sh.log.summary
stack.sh log /opt/stack/logs/stack.sh.log.2014-01-29-134716
Installing package prerequisites
Installing OpenStack project source
Installing Tempest
Starting RabbitMQ
Configuring and starting MySQL
Starting Keystone
Configuring and starting Horizon
Configuring Glance
Configuring Swift
Configuring Cinder
Configuring Nova
Starting Swift
Starting Glance
Starting Nova API
Starting Nova
Starting Cinder
Uploading images
Initializing Tempest
stack.sh completed in 346 seconds.
At this point, I was able to log in to Horizon Dashboard using http://10.0.1.25/ from MBP.

OpenStack Dashboard

Miscellaneous Operations


Stop DevStack

unstack.sh stops the processes that were started by stack.sh. All processes can be stopped by setting UNSTACK_ALL or specifying --all on the command line.
anil@OSCloud:~/devstack$ ./unstack.sh --all
    * Stopping web server apache2                                                                                                                       apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
    ... waiting                                                                          [ OK ]
tgt stop/waiting
tgtadm: can't send the request to the tgt daemon, Transport endpoint is not connected
tgtd seems to be in a bad state, restarting...
stop: Unknown instance: 
tgt start/running, process 13058
tgt stop/waiting
mysql stop/waiting
Stopping rabbitmq-server: rabbitmq-server.

Restart DevStack

Bring volume group online so that cinder-volume will start without errors
sudo losetup -f /opt/stack/data/stack-volumes-backing-file
Use rejoin-stack.sh to restart the DevStack
./rejoin-stack.sh &

Reboot Host

After rebooting the Host, when I tried to login to dashboard, I received the error An error occurred authenticating. Please try again later. The /var/log/apache2/horizon_error.log only shows Login failed for user "admin" as entry. Checked the SELINUX status.
anil@OSCloud:~/devstack$ sestatus
SELinux status:                 disabled
The reason turned out that I needed to restart Devstack by using the command listed above in Restart DevStack section.

In next post, I will take the Dashboard for a spin.


Digital Ocean

No comments:

Post a Comment