The Single machine setup has all the services running. Cinder part is to be added in the future.
Install Ubuntu 12.04 with partitioning scheme as per your requirements.
Note: Run all the commands as super-user. We assume that the IP of the Single machine is 10.0.0.1.
Configure the repositories
apt-get install python-software-properties add-apt-repository cloud-archive:havana apt-get update apt-get upgrade
Support packages
RaabitMQ server
apt-get install rabbitmq-server rabbitmqctl change_password guest rabbit_pass
MySQL server
Install MySQL server and related software
apt-get install -y mysql-server python-mysqldb sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf service mysql restart
Other Support Packages
apt-get install ntp vlan bridge-utils sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf sysctl net.ipv4.ip_forward=1
Keystone
Install keystone
apt-get install -y keystone
Create mysql database named keystone and add credentials
mysql -u root -p CREATE DATABASE keystone; GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass'; quit;
Edit the file /etc/keystone/keystone.conf and edit the following line, so it looks like this
connection = mysql://keystoneUser:keystonePass@10.0.0.1/keystone
Restart the keystone service and sync the database
service keystone restart keystone-manage db_sync
Export the variable to run initial keystone commands
export OS_SERVICE_TOKEN=ADMIN export OS_SERVICE_ENDPOINT=http://10.0.0.1:35357/v2.0
Create admin user, admin tenant, admin role and service tenant. Also add admin user to admin tenant and admin role.
keystone tenant-create --name=admin --description="Admin Tenant" keystone tenant-create --name=service --description="Service Tenant" keystone user-create --name=admin --pass=ADMIN --email=admin@example.com keystone role-create --name=admin keystone user-role-add --user=admin --tenant=admin --role=admin
Create keystone service
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
Create keystone endpoint
keystone endpoint-create --service keystone --publicurl=http://10.0.0.1:5000/v2.0 --internalurl=http://10.0.0.1:5000/v2.0 --adminurl=http://10.0.0.1:35357/v2.0
Check the keystone connection and credentials
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT keystone --os-username=admin --os-password=ADMIN --os-auth-url=http://10.0.0.1:35357/v2.0 token-get
Create a file named creds and add the following lines
export OS_USERNAME=admin export OS_PASSWORD=ADMIN export OS_TENANT_NAME=admin export OS_AUTH_URL=http://10.0.0.1:35357/v2.0
Source the file
source creds
Test the creds file
keystone token-get keystone user-list
Glance (Image Store)
Install Glance
apt-get install -y glance
Create database and credentials for Glance
mysql -u root -p CREATE DATABASE glance; GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass'; quit;
Create glance related keystone entries
keystone user-create --name=glance --pass=glance_pass --email=glance@example.com keystone user-role-add --user=glance --tenant=service --role=admin keystone service-create --name=glance --type=image --description="Glance Image Service" keystone endpoint-create --service glance --publicurl=http://10.0.0.1:9292 --internalurl=http://10.0.0.1:9292 --adminurl=http://10.0.0.1:9292
Edit /etc/glance/glance-api.conf and edit the following lines
[DEFAULT] sql_connection = mysql://glanceUser:glancePass@10.0.0.1/glance rabbit_host = 10.0.0.1 rabbit_port = 5672 rabbit_userid = guest rabbit_password = rabbit_pass [keystone_authtoken] auth_host = 10.0.0.1 auth_port = 5000 auth_protocol = http admin_tenant_name = service admin_user = glance admin_password = glance_pass [paste_deploy] flavor = keystone
Edit /etc/glance/glance-registry.conf and edit the following lines
sql_connection = mysql://glanceUser:glancePass@10.0.0.1/glance [keystone_authtoken] auth_host = 10.0.0.1 auth_port = 5000 auth_protocol = http admin_tenant_name = service admin_user = glance admin_password = glance_pass [paste_deploy] flavor = keystone
Restart Glance services
service glance-api restart service glance-registry restart
Sync the database
glance-manage db_sync
Download a pre-bundled image for testing
glance image-create --name Cirros --is-public true --container-format bare --disk-format qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img glance index
Nova(Compute)
Install the Nova services
apt-get install nova-compute nova-novncproxy novnc nova-api nova-ajax-console-proxy nova-cert nova-conductor nova-consoleauth nova-doc nova-scheduler nova-volume python-novaclient
Create database and credentials for Nova
mysql -u root -p CREATE DATABASE nova; GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass'; quit
Create Keystone entries for Nova
keystone user-create --name=nova --pass=nova_pass --email=nova@domain.com keystone user-role-add --tenant=service --user=nova --role=admin keystone service-create --name nova --type compute --description 'OpenStack Compute Service' keystone endpoint-create --service nova --publicurl 'http://10.0.0.1:8774/v2/$(tenant_id)s' --adminurl 'http://10.0.0.1:8774/v2/$(tenant_id)s' --internalurl 'http://10.0.0.1/v2/$(tenant_id)s'
Open /etc/nova/nova.conf and edit the file as follows
[DEFAULT] dhcpbridge_flagfile=/etc/nova/nova.conf dhcpbridge=/usr/bin/nova-dhcpbridge logdir=/var/log/nova state_path=/var/lib/nova lock_path=/var/lock/nova force_dhcp_release=True iscsi_helper=tgtadm libvirt_use_virtio_for_bridges=True connection_type=libvirt root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf verbose=True ec2_private_dns_show_ip=True api_paste_config=/etc/nova/api-paste.ini volumes_path=/var/lib/nova/volumes enabled_apis=ec2,osapi_compute,metadata rpc_backend = nova.rpc.impl_kombu rabbit_host = 10.0.0.1 rabbit_password = rabbit_pass my_ip=10.0.0.1 vncserver_listen=10.0.0.1 novncproxy_base_url=http://10.0.0.1:6080/vnc_auto.html vncserver_proxyclient_address=10.0.0.1 auth_strategy=keystone network_api_class=nova.network.neutronv2.api.API neutron_url=http://10.0.0.1:9696 neutron_auth_strategy=keystone neutron_admin_tenant_name=service neutron_admin_username=neutron neutron_admin_password=neutron_pass neutron_admin_auth_url=http://10.0.0.1:35357/v2.0 firewall_driver=nova.virt.firewall.NoopFirewallDriver security_group_api=neutron [database] connection = mysql://novaUser:novaPass@10.0.0.1/nova [keystone_authtoken] auth_host = 10.0.0.1 auth_port = 5000 auth_protocol = http admin_tenant_name = service admin_user = nova admin_password = nova_pass
Edit /etc/nova/api-paste.ini as follows
[filter:authtoken] auth_host = 127.0.0.1 auth_port = 5000 auth_protocol = http admin_tenant_name = service admin_user = nova admin_password = nova_pass auth_version = v2.0
Sync the nova database
nova-manage db sync
Restart all nova services
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; cd ;done
Test the Nova installation using the following command
nova-manage service list
The output should be something like this
Binary Host Zone Status State Updated_At nova-cert openstack internal enabled :-) 2014-03-11 10:07:30 nova-consoleauth openstack internal enabled :-) 2014-03-11 10:07:30 nova-conductor openstack internal enabled :-) 2014-03-11 10:07:27 nova-scheduler openstack internal enabled :-) 2014-03-11 10:07:30 nova-compute openstack nova enabled :-) 2014-03-11 10:07:28 nova-console openstack internal enabled :-) 2014-03-11 10:07:27
Also run the following command to check if nova is able to authenticate with keystone server
nova list
Neutron(Networking service)
Install the Neutron services
apt-get install neutron-server neutron-dhcp-agent neutron-plugin-openvswitch-agent openvswitch-switch neutron-l3-agent
Edit the file /etc/sysctl.conf and make the following changes
net.ipv4.ip_forward=1 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0
Save the file and run the following command to make sure the changes take effect immediately
sysctl -p
Create database and credentials for Neutron
mysql -u root -p CREATE DATABASE neutron; GRANT ALL ON neutron.* TO 'neutronUser'@'%' IDENTIFIED BY 'neutronPass'; quit;
Create Keystone entries for Neutron
keystone user-create --name=neutron --pass=neutron_pass --email=neutron@example.com keystone user-role-add --user=neutron --tenant=service --role=admin keystone service-create --name neutron --type network --description 'OpenStack Networking service' keystone endpoint-create --service neutron --publicurl 'http://10.0.0.1:9696/' --adminurl 'http://10.0.0.1:9696/' --internalurl 'http://10.0.0.1:9696/'
Edit /etc/neutron/neutron.conf
[default] rpc_backend = neutron.openstack.common.rpc.impl_kombu rabbit_host = 10.0.0.1 rabbit_port = 5672 rabbit_userid = guest rabbit_password = rabbit_pass [keystone_authtoken] auth_host = 10.0.0.1 auth_port = 35357 auth_protocol = http admin_tenant_name = service admin_user = neutron admin_password = neutron_pass signing_dir = $state_path/keystone-signing [database] connection = mysql://neutronUser:neutronPass@10.0.0.1/neutron
Open the /etc/neutron/api-paste.ini file and edit it as follows
[filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host = 10.0.0.1 admin_tenant_name = service admin_user = neutron admin_password = neutron_pass
Create bridges
ovs-vsctl add-br br-int ovs-vsctl add-br br-eth1 ovs-vsctl add-port br-eth1 ethx # x=1,2,3 etc as per the ethernet interface
Open /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini and make the following changes
[OVS] tenant_network_type = vlan network_vlan_ranges = default:2000:3999 integration_bridge = br-int bridge_mappings = default:br-eth1 [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
Edit /etc/neutron/metadata_agent.ini to look like this
[DEFAULT] auth_url = http://localhost:5000/v2.0 auth_region = RegionOne admin_tenant_name = service admin_user = neutron admin_password = neutron_pass metadata_proxy_shared_secret = metadata_pass
Edit /etc/neutron/dhcp_agent.ini to look like this
[DEFAULT] interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq use_namespaces = True
Edit /etc/neutron/l3_agent.ini to look like this
[DEFAULT] interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver use_namespaces = True
service neutron-server restart service neutron-plugin-openvswitch-agent restart service neutron-metadata-agent restart service neutron-dhcp-agent restart service neutron-l3-agent restart
Check if the services are running using the following command
neutron agent-list
The output should be like
+--------------------------------------+--------------------+-----------+-------+----------------+ | id | agent_type | host | alive | admin_state_up | +--------------------------------------+--------------------+-----------+-------+----------------+ | 21b570c8-b822-47de-8d21-30fc08e26e05 | L3 agent | openstack | :-) | True | | 37f64d91-9e8a-43ff-914b-56c9ab9a3e41 | DHCP agent | openstack | :-) | True | | 70e6b9f4-740a-4961-93ff-26a3b3c50397 | Open vSwitch agent | openstack | :-) | True | +--------------------------------------+--------------------+-----------+-------+----------------+
Horizon (OpenStack Dashboard)
apt-get install openstack-dashboard
After installing login using the following credentials
URL : http://10.0.0.1/horizon Username: admin Password: ADMIN
Use the following link to get started with the first instance on OpenStack.
Procedure to get started with the first instance on OpenStack
how can i install cinder?
can i see example??(for cinder)
and if i dont have cinder on horizon, can i create instance?
excellent tutorial. Everything went flawless. Nice work dude
Hi i try to many installation same method
Everything is good
But external network does not working
Best regards and thanks for your nice support.
i am not able to see nova-console entry , all five are appearing. what is the reason of it?
“nova-console openstack internal enabled 🙂 2014-03-11 10:07:27”
above mention entry is not coming. pls reply
Hi
Can you mention while installing OpenStack which document you referred to?
Hi
how can i fix this error please with Openstack Havana in Ubuntu 12.04 LTS:
Error communicating with http://controller:8777 [Errno 111] Connection refused
*ceilometer-agent-central.log :
2014-05-05 23:28:50.633 14745 ERROR ceilometer.openstack.common.rpc.common [-] AMQP server on controller:5672 is unreachable: Socket closed. Trying again in 30 seconds.
2014-05-05 23:31:26.454 16607 ERROR ceilometer.openstack.common.rpc.common [-] Failed to consume message from queue: Socket closed
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common Traceback (most recent call last):
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/ceilometer/openstack/common/rpc/impl_kombu.py”, line 577, in ensure
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common return method(*args, **kwargs)
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/ceilometer/openstack/common/rpc/impl_kombu.py”, line 657, in _consume
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common return self.connection.drain_events(timeout=timeout)
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/kombu/connection.py”, line 281, in drain_events
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common return self.transport.drain_events(self.connection, **kwargs)
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/kombu/transport/pyamqp.py”, line 91, in drain_events
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common return connection.drain_events(**kwargs)
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/amqp/connection.py”, line 266, in drain_events
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common chanmap, None, timeout=timeout,
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/amqp/connection.py”, line 328, in _wait_multiple
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common channel, method_sig, args, content = read_timeout(timeout)
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/amqp/connection.py”, line 292, in read_timeout
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common return self.method_reader.read_method()
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common File “/usr/lib/python2.7/dist-packages/amqp/method_framing.py”, line 187, in read_method
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common raise m
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common IOError: Socket closed
2014-05-05 23:31:26.454 16607 TRACE ceilometer.openstack.common.rpc.common
2014-05-05 23:31:26.474 16607 ERROR ceilometer.openstack.common.rpc.common [-] AMQP server on controller:5672 is unreachable: [Errno 111] ECONNREFUSED. Trying again in 1 seconds.
2014-05-05 23:31:27.486 16607 ERROR ceilometer.openstack.common.rpc.common [-] AMQP server on controller:5672 is unreachable: [Errno 111] ECONNREFUSED. Trying again in 3 seconds.
***ceilometer-api.log:
014-05-05 23:53:15.684 17722 INFO keystoneclient.middleware.auth_token [-] Starting keystone auth_token middleware
2014-05-05 23:53:15.685 17722 INFO keystoneclient.middleware.auth_token [-] Using /tmp/keystone-signing-RrLKeq as cache directory for signing certificate
2014-05-05 23:53:15.721 17722 CRITICAL ceilometer [-] command SON([(‘authenticate’, 1), (‘user’, u’ceilometer’), (‘nonce’, u’f4ca9befd11425b4′), (‘key’, u’8c5de2059a054c0ae7afb15c4c946c43′)]) failed: auth fails
Need help pleeease
HI,
When i tried ‘nova-list’ , I am facing this problem
ERROR: Malformed request URL: URL’s project_id ‘f02a0186e3d64224ba1830df5815771c’ doesn’t match Context’s project_id ’57bd47b1129f4a4fba3b9bb7ada7e0f3′ (HTTP 400) (Request-ID: req-a7f0d8d0-f67e-474a-a3a4-5352195ebeb2)
OK,
Many thanks for the explanation. Anyhow, when creating the Nova database in your tutorial, you have the following text there (with “novaUser” not just “nova”):
mysql -u root -p
CREATE DATABASE nova;
GRANT ALL ON nova.* TO ‘novaUser’@’%’ IDENTIFIED BY ‘novaPass’;
quit
Also add the “;” after the “quit” command. It is missing there.
Although there are still some discrepancies, now I know how to proceed and will give it another try. I will keep you informed how this second attempt to succeed the Havana OpenStack deplyment would come out.
Best regards and thanks for your nice support.
Jozef
Sir,
I have finally found your article searching the Internet.It is very interesting to me, as that is what I am going to implement for testing the OpenStack – install it on a single Ubuntu Server 12.04 LTS machine.
Well, the installation began as per your instructions. Everything was going fine until Nova installation was tested. When I issue this command “nova-manage service list”, I got a full list of errors that begin with “2014-04-09 15:34:21.373 3260 CRITICAL nova [req-efdfc0d0-d962-4bb6-92f0-2498fb73d0ca None None] (OperationalError) (1129, “Host ‘XXX.XXX.XXX.XXX’ is blocked because of many connection errors; unblock with ‘mysqladmin flush-hosts'”) None None”. The next few lines read as follows:
2014-04-09 15:34:21.373 3260 TRACE nova Traceback (most recent call last):
2014-04-09 15:34:21.373 3260 TRACE nova File “/usr/bin/nova-manage”, line 10, in
2014-04-09 15:34:21.373 3260 TRACE nova sys.exit(main())
2014-04-09 15:34:21.373 3260 TRACE nova File “/usr/lib/python2.7/dist-packages/nova/cmd/manage.py”, line 1377, in main
Finally here are few final lines of the error sequence:
2014-04-09 15:41:07.978 3266 TRACE nova File “/usr/lib/python2.7/dist-packages/MySQLdb/connections.py”, line 187, in __init__
2014-04-09 15:41:07.978 3266 TRACE nova super(Connection, self).__init__(*args, **kwargs2)
2014-04-09 15:41:07.978 3266 TRACE nova OperationalError: (OperationalError) (1129, “Host ‘192.168.1.51’ is blocked because of many connection errors; unblock with ‘mysqladmin flush-hosts'”) None None
2014-04-09 15:41:07.978 3266 TRACE nova
I tried to unblock the server as proposed with “mysqladmin flush-hosts”, but there was no luck. Please could you let me know what might be the reason for my troubles? Until these errors are removed, I cannot proceed with the installation of Neutron and Horizon, can I?
Many thanks in advance for your nice suppoort.
Jozef
Hi
I too encountered the same problem. I restarted the mysql server and that solved the problem. I will try to reproduce your problem and find the exact way to resolv this issue.
Thanks
Thanks
Hi,
Many thanks for your reply. I am anxious to know your conclusion. Please let me know at your earliest convenience.
Jozef
Hi Jozef
The database user created here is “nova”, in the following command
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ IDENTIFIED BY ‘novaPass’;
But in nova.conf sql-connection is
connection = mysql://novaUser:novaPass@10.0.0.1/nova
but it should have been
connection = mysql://nova:novaPass@10.0.0.1/nova
It is an error in the documentation. I will fix it now. Thanks for pointing out.