Cloud · Kilo · OpenStack

OpenStack Kilo on Ubuntu 14.04 LTS and 15.04 – Single machine setup

Install Ubuntu with partitioning scheme as per your requirements. Note: Run all the commands as super-user. We assume that the IP of the Single machine is 10.0.0.1.

Configure the repositories and update the packages.

This step is needed only if the OS is Ubuntu 14.04 LTS. You can skip the repository configuration if the OS is Ubuntu 15.04

apt-get install ubuntu-cloud-keyring
echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/kilo main" > /etc/apt/sources.list.d/cloudarchive-kilo.list

Update the packages.

apt-get update && apt-get -y upgrade

Note: Reboot is needed only if kernel is updated

reboot 

Support packages

RaabitMQ server

apt-get install -y rabbitmq-server

Change Password for the user ‘guest’ in the rabbitmq-server

rabbitmqctl change_password guest rabbit

MySQL server

Install MySQL server and related software

apt-get install -y mysql-server python-mysqldb

Edit the following lines in /etc/mysql/my.cnf (/etc/mysql/mysql.conf.d/mysqld.cnf in 15.04)

[mysqld]
...
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

Restart MySQL service

service mysql restart

Other Support Packages

apt-get install -y ntp vlan bridge-utils

Edit the following lines in the file /etc/sysctl.conf

net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

Load the values

sysctl -p

Keystone

Install keystone

apt-get install -y keystone

Create mysql database named keystone and add credentials

mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone_dbpass';
mysql> quit

Edit the file /etc/keystone/keystone.conf. Comment the following line

connection = sqlite:////var/lib/keystone/keystone.db

and add the line

connection = mysql://keystone:keystone_dbpass@10.0.0.1/keystone

Restart the keystone service and sync the database

service keystone restart
keystone-manage db_sync

Export the variable to run initial keystone commands

export OS_SERVICE_TOKEN=ADMIN
export OS_SERVICE_ENDPOINT=http://10.0.0.1:35357/v2.0

Create admin user, admin tenant, admin role and service tenant. Also add admin user to admin tenant and admin role.

keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=service --description="Service Tenant"
keystone user-create --name=admin --pass=ADMIN --email=admin@example.com
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin

Create keystone service

keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

Create keystone endpoint

keystone endpoint-create --service=keystone --publicurl=http://10.0.0.1:5000/v2.0 --internalurl=http://10.0.0.1:5000/v2.0 --adminurl=http://10.0.0.1:35357/v2.0

Unset the exported values

unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT

Create a file named creds and add the following lines

export OS_USERNAME=admin
export OS_PASSWORD=ADMIN
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://10.0.0.1:35357/v2.0

Source the file

source creds

Test the keysone setup

keystone token-get
keystone user-list

Glance (Image Store)

Install Glance

apt-get install -y glance

Create database and credentials for Glance

mysql -u root -p
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance_dbpass';
quit;

Create glance related keystone entries

keystone user-create --name=glance --pass=glance_pass --email=glance@example.com
keystone user-role-add --user=glance --tenant=service --role=admin
keystone service-create --name=glance --type=image --description="Glance Image Service"
keystone endpoint-create --service=glance --publicurl=http://10.0.0.1:9292 --internalurl=http://10.0.0.1:9292 --adminurl=http://10.0.0.1:9292

Edit /etc/glance/glance-api.conf and edit the following lines

rabbit_password = rabbit
# sqlite_db = /var/lib/glance/glance.sqlite
connection = mysql://glance:glance_dbpass@10.0.0.1/glance

[keystone_authtoken]
identity_uri = http://10.0.0.1:35357
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass

[paste_deploy]
flavor = keystone

Edit /etc/glance/glance-registry.conf and edit the following lines as below

rabbit_password = rabbit
# sqlite_db = /var/lib/glance/glance.sqlite
connection = mysql://glance:glance_dbpass@10.0.0.1/glance

[keystone_authtoken]
identity_uri = http://10.0.0.1:35357
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass

[paste_deploy]
flavor = keystone

Restart Glance services

service glance-api restart
service glance-registry restart

Sync the database

glance-manage db_sync

Download a pre-bundled image for testing

glance image-create --name Cirros --is-public true --container-format bare --disk-format qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
glance image-list

Nova(Compute)

Install the Nova services

apt-get install -y nova-api nova-cert nova-conductor nova-consoleauth nova-novncproxy nova-scheduler python-novaclient nova-compute nova-console

Create database and credentials for Nova

mysql -u root -p
mysql> CREATE DATABASE nova;
mysql> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova_dbpass';
mysql> quit

Create Keystone entries for Nova

keystone user-create --name=nova --pass=nova_pass --email=nova@example.com
keystone user-role-add --user=nova --tenant=service --role=admin
keystone service-create --name=nova --type=compute --description="OpenStack Compute"
keystone endpoint-create --service=nova --publicurl=http://10.0.0.1:8774/v2/%\(tenant_id\)s --internalurl=http://10.0.0.1:8774/v2/%\(tenant_id\)s --adminurl=http://10.0.0.1:8774/v2/%\(tenant_id\)s

Open /etc/nova/nova.conf and edit the file as follows

[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
libvirt_use_virtio_for_bridges=True
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadata
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.1
vnc_enabled = True
vncserver_listen = 10.0.0.1
vncserver_proxyclient_address = 10.0.0.1
novncproxy_base_url = http://10.0.0.1:6080/vnc_auto.html

network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

scheduler_default_filters=AllHostsFilter

[database]
connection = mysql://nova:nova_dbpass@10.0.0.1/nova

[oslo_messaging_rabbit]
rabbit_host = 127.0.0.1
rabbit_password = rabbit

[keystone_authtoken]
auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = nova_pass

[glance]
host = 10.0.0.1

[oslo_concurrency]
lock_path = /var/lock/nova

[neutron]
service_metadata_proxy = True
metadata_proxy_shared_secret = openstack
url = http://10.0.0.1:9696
auth_strategy = keystone
admin_auth_url = http://10.0.0.1:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = neutron_pass

sync the Nova db

nova-manage db sync

Restart all nova services

service nova-api restart ;service nova-cert restart; service nova-consoleauth restart ;service nova-scheduler restart;service nova-conductor restart; service nova-novncproxy restart; service nova-compute restart; service nova-console restart

Test the Nova installation using the following command

nova-manage service list

The output should be something like this

Binary           Host                     Zone             Status     State Updated_At
nova-consoleauth ubuntu                   internal         enabled    :-)   2014-04-19 08:55:13
nova-conductor   ubuntu                   internal         enabled    :-)   2014-04-19 08:55:14
nova-cert        ubuntu                   internal         enabled    :-)   2014-04-19 08:55:13
nova-scheduler   ubuntu                   internal         enabled    :-)   2014-04-19 08:55:13
nova-compute     ubuntu                   nova             enabled    :-)   2014-04-19 08:55:14
nova-console     ubuntu                   internal         enabled    :-)   2014-04-19 08:55:14

Also run the following command to check if nova is able to authenticate with keystone server

nova list

Neutron(Networking service)

Install the Neutron services

apt-get install -y neutron-server neutron-plugin-openvswitch neutron-plugin-openvswitch-agent neutron-common neutron-dhcp-agent neutron-l3-agent neutron-metadata-agent openvswitch-switch

Create database and credentials for Neutron

mysql -u root -p
CREATE DATABASE neutron;
GRANT ALL ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron_dbpass';
quit;

Create Keystone entries for Neutron

keystone user-create --name=neutron --pass=neutron_pass --email=neutron@example.com
keystone service-create --name=neutron --type=network --description="OpenStack Networking"
keystone user-role-add --user=neutron --tenant=service --role=admin
keystone endpoint-create --service=neutron --publicurl http://10.0.0.1:9696 --adminurl http://10.0.0.1:9696  --internalurl http://10.0.0.1:9696

Edit /etc/neutron/neutron.conf and make the following changes in appropriate sections.

[DEFAULT]
......
verbose = True
debug = True
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://10.0.0.1:8774/v2
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 2cd03b576bcd44599e4fdcd15453b6f0
nova_admin_tenant_name = service
nova_admin_password = nova_pass
nova_admin_auth_url = http://10.0.0.1:35357/v2.0
notification_driver=neutron.openstack.common.notifier.rpc_notifier
rpc_backend=rabbit

[agent]
......
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf

[keystone_authtoken]
auth_uri = http://10.0.0.1:35357/v2.0/
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = neutron_pass

[database]
......
connection = mysql://neutron:neutron_dbpass@10.0.0.1/neutron

[nova]
......
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = regionOne
project_name = service
username = nova
password = nova_pass

[oslo_concurrency]
......
lock_path = /var/lock/neutron/

[oslo_messaging_rabbit]
......
rabbit_host = localhost
rabbit_userid = guest
rabbit_password = rabbit
rabbit_virtual_host = /

Open /etc/neutron/plugins/ml2/ml2_conf.ini and make the following changes

[ml2]
type_drivers=flat,vlan
tenant_network_types=vlan,flat
mechanism_drivers=openvswitch
[ml2_type_flat]
flat_networks=External
[ml2_type_vlan]
network_vlan_ranges=Intnet1:100:200
[ml2_type_gre]
[ml2_type_vxlan]
[securitygroup]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group=True
[ovs]
bridge_mappings=External:br-ex,Intnet1:br-eth1

We have created two physical networks one as a flat network and the other as a vlan network with vlan ranging from 100 to 200. We have mapped External network to br-ex and Intnet1 to br-eth1. Now Create bridges Note: The naming convention for the ethernet cards may also be like “p4p1”, “em1” from Ubuntu 14.04 LTS. You can use the appropriate interface names below instead of “eth1” and “eth2”.

ovs-vsctl add-br br-int
ovs-vsctl add-br br-eth1
ovs-vsctl add-br br-ex
ovs-vsctl add-port br-eth1 eth1
ovs-vsctl add-port br-ex eth2

According to our set up all traffic belonging to External network will be bridged to eth2 and all traffic of Intnet1 will be bridged to eth1. If you have only one interface(eth0) and would like to use it for all networking then please have a look at https://fosskb.in/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface.

Edit /etc/neutron/metadata_agent.ini to look like this

[DEFAULT]
auth_url = http://10.0.0.1:5000/v2.0
auth_region = RegionOne
admin_tenant_name = service
admin_user = neutron
admin_password = neutron_pass
metadata_proxy_shared_secret = openstack

Edit /etc/neutron/dhcp_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True

Edit /etc/neutron/l3_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True

Sync the db

neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade kilo

Restart all Neutron services

service neutron-server restart; service neutron-plugin-openvswitch-agent restart;service neutron-metadata-agent restart; service neutron-dhcp-agent restart; service neutron-l3-agent restart

Check if the services are running. Run the following command

neutron agent-list

The output should be like

+--------------------------------------+--------------------+--------+-------+----------------+
| id                                   | agent_type         | host   | alive | admin_state_up |
+--------------------------------------+--------------------+--------+-------+----------------+
| 01a5e70c-324a-4183-9652-6cc0e5c98499 | Metadata agent     | ubuntu | :-)   | True           |
| 17b9440b-50eb-48b7-80a8-a5bbabc47805 | DHCP agent         | ubuntu | :-)   | True           |
| c30869f2-aaca-4118-829d-a28c63a27aa4 | L3 agent           | ubuntu | :-)   | True           |
| f846440e-4ca6-4120-abe1-ffddaf1ab555 | Open vSwitch agent | ubuntu | :-)   | True           |
+--------------------------------------+--------------------+--------+-------+----------------+

Users who want to know what happens under the hood can read

  1. How neutron-openvswitch-agent provides L2 connectivity between Instances, DHCP servers and routers
  2. How neutron-l3-agent provides services like routing, natting, floatingIP and security groups
  3. See more of Linux networking capabilities

Horizon (OpenStack Dashboard)

Install OpenStack Web UI using the following command.

apt-get install -y openstack-dashboard

After installing login using the following credentials

URL     : http://10.0.0.1/horizon
Username: admin
Password: ADMIN

Use the following link to get started with the first instance on OpenStack.

Procedure to get started with the first instance on OpenStack

Advertisements

51 thoughts on “OpenStack Kilo on Ubuntu 14.04 LTS and 15.04 – Single machine setup

  1. Hi Johnson,

    i followed the instruction and did worked well untill i login to horizon with admin/ADMIN but it always failed for unauthorization
    could you please help out
    log from apache2[error.log]
    Login successful for user “admin”.
    [Tue Apr 11 05:25:11.957069 2017] [:error] [pid 4163] Unauthorized: {“error”: {“message”: “Expecting to find username or userId in passwordCredentials – the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.”, “code”: 400, “title”: “Bad Request”}}

  2. Thank you Johnson. This post is very helpful. I have my openstack up and running VM successfully. One issue I have is that openstack dashboard Horizon response super slow. My google results show that this maybe related with keystone token. Any idea about this? Thanks.

  3. faild to create instance with openstack :/

    block nbd15 receive control failed
    block nbd11 receive control failed
    block nbd10 receive control failed

  4. I am not able to sync the neutron db.

    command: neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade kilo

    Error:
    root@ubuntu:/home/hp/openstack# neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade kilo
    INFO [alembic.migration] Context impl SQLiteImpl.
    INFO [alembic.migration] Will assume non-transactional DDL.
    INFO [alembic.migration] Context impl SQLiteImpl.
    INFO [alembic.migration] Will assume non-transactional DDL.
    INFO [alembic.migration] Running upgrade havana -> e197124d4b9, add unique constraint to members
    Traceback (most recent call last):
    File “/usr/bin/neutron-db-manage”, line 10, in
    sys.exit(main())
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 238, in main
    CONF.command.func(config, CONF.command.name)
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 106, in do_upgrade
    do_alembic_command(config, cmd, revision, sql=CONF.command.sql)
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 72, in do_alembic_command
    getattr(alembic_command, cmd)(config, *args, **kwargs)
    File “/usr/lib/python2.7/dist-packages/alembic/command.py”, line 165, in upgrade
    script.run_env()
    File “/usr/lib/python2.7/dist-packages/alembic/script.py”, line 382, in run_env
    util.load_python_file(self.dir, ‘env.py’)
    File “/usr/lib/python2.7/dist-packages/alembic/util.py”, line 241, in load_python_file
    module = load_module_py(module_id, path)
    File “/usr/lib/python2.7/dist-packages/alembic/compat.py”, line 79, in load_module_py
    mod = imp.load_source(module_id, path, fp)
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/env.py”, line 109, in
    run_migrations_online()
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/env.py”, line 100, in run_migrations_online
    context.run_migrations()
    File “”, line 7, in run_migrations
    File “/usr/lib/python2.7/dist-packages/alembic/environment.py”, line 742, in run_migrations
    self.get_context().run_migrations(**kw)
    File “/usr/lib/python2.7/dist-packages/alembic/migration.py”, line 305, in run_migrations
    step.migration_fn(**kw)
    File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/versions/e197124d4b9_add_unique_constrain.py”, line 42, in upgrade
    local_cols=[‘pool_id’, ‘address’, ‘protocol_port’]
    File “”, line 7, in create_unique_constraint
    File “/usr/lib/python2.7/dist-packages/alembic/operations.py”, line 797, in create_unique_constraint
    schema=schema, **kw)
    File “/usr/lib/python2.7/dist-packages/alembic/ddl/sqlite.py”, line 34, in add_constraint
    “No support for ALTER of constraints in SQLite dialect”)
    NotImplementedError: No support for ALTER of constraints in SQLite dialect

    1. Solved the issue. This issue is caused by the vif_plugging in nova.conf.
      Added followings in nova.conf
      vif_plugging_is_fatal = False
      vif_plugging_timeout = 0

  5. For my.cnf in the MySQL setup, you have:

    bind-address = 0.0.0.0
    [mysqld]

    default-storage-engine = innodb

    but shouldn’t bind-address be underneath the [mysqld] tag? There is already a bind-address =127.0.0.1 underneath the [mysqld] tag in the code, which I figured was what we were supposed to replace. Like so:

    [mysqld]
    bind-address = 0.0.0.0

    default-storage-engine = innodb

    Just looking for a confirmation one way or the other, seeing as I can’t seem to get it to work the original way, thanks.

  6. Please, is there any difference in performance comparing the fully containerized installation (apt-get install openstack) and this one (installing service-by-service and then integration them)?

  7. In this step
    ovs-vsctl add-port br-ex eth2
    What is the eth2? The eth1 is the interface with IP address 10.0.0.1.

    1. I am using Vagrant.
      A default NAT interface is set by default for vagrant to work.

      I set up a 10.0.0.1 interface which shows up as eth1.
      ip: “10.0.0.1”, :netmask => “255.255.0.0”

      Please help with what should be set up as eth2?

  8. Hi ,
    I am not able to run nova list and nova image-list . i get unauthorized (401) error.
    out put of nova-manage service list ishis issue

    Binary Host Zone Status State Updated_At
    nova-cert sohanUbuntu internal enabled XXX None
    nova-console sohanUbuntu internal enabled XXX None
    nova-scheduler sohanUbuntu internal enabled XXX None
    nova-consoleauth sohanUbuntu internal enabled XXX None
    nova-conductor sohanUbuntu internal enabled XXX None

    where nova compute is missing .

    please help to resolve this issue

    1. In the nova conf file
      /etc/nova/nova.conf

      change logdir=/var/log/nova to log_dir=/var/log/nova

      and restart all the service

  9. I got a error as below when i try to instal in ubuntu 14.04

    root@bng-****-dbg:~# apt-get install ubuntu-cloud-keyring
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    E: Unable to locate package ubuntu-cloud-keyring
    root@bng-****-dcbg:~# sudo apt-get install ubuntu-cloud-keyring
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    E: Unable to locate package ubuntu-cloud-keyring

    1. you can download the qcow2 image first and then try uploading image in to glance repository by using below command.

      glance image-create –name Cirros –is-public true –container-format bare –disk-format qcow2 < cirros-0.3.0-x86_64-disk.img

      if you get an error unset the proxy and try to upload, it should work.

  10. Thank you Johnson!! your writeup gives very detailed info to setup the openstack kilo. I was able to follow the steps & setup it up in the first shot with out any issues. Thanks you very much for such a detailed info.

      1. I am right now on single Nic. Will be trying it out shortly with two also & post my experiences.

      2. I just need to know how you set up the networking part, that’s where I’m having issues. Every time I run the OVS commands, I loose my internet connection.

  11. After Days of trying and trying, I got it all to work, but I had to take neutron out of the entire mix of things.

    Questions:
    1. the blog post “Managing Openstack Internal/Data/External network in one interface”, it kills my connection to the internet when trying to run the commands for “Single machine setup with 1 interface”.
    Am supposed to run just those commands or something else ?

    2. I think this has already been addressed, but the neutron.conf file that is in this post looks nothing like what is in versions 14 or 15 of ubuntu. ( hope you understand what I’m saying )

  12. Miraculously it all worked except Horizon.

    WARNING: The following packages cannot be authenticated!
    libapr1 libaprutil1 python-django-common python-django python-appconf
    python-compressor python-pyscss python-django-pyscss python-heatclient
    python-openstack-auth python-pint libaprutil1-dbd-sqlite3 libaprutil1-ldap
    apache2-bin apache2-data apache2 libapache2-mod-wsgi python-ceilometerclient
    python-saharaclient python-troveclient python-django-horizon
    openstack-dashboard memcached openstack-dashboard-ubuntu-theme
    Install these packages without verification? [y/N]

    Is this normal ?

  13. Hi, this article is excellent 🙂 But when I set net.ipv4.conf.all.rp_filter=0 and net.ipv4.conf.default.rp_filter=0 how to protect themselves against ATTACK:TCP_SYN?

  14. hey … i have already installing openstack with nova,cinder,glance,keystone,neutron,and horizon. but i want install swift, heat , trove and sahara . can i installing that in single machine for all of service ?

    1. Can u please help me on neutron installation.
      not able to sync db:
      command ran: neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade kilo

      output:
      root@ubuntu:/home/hp/openstack# neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade kilo
      INFO [alembic.migration] Context impl SQLiteImpl.
      INFO [alembic.migration] Will assume non-transactional DDL.
      INFO [alembic.migration] Context impl SQLiteImpl.
      INFO [alembic.migration] Will assume non-transactional DDL.
      INFO [alembic.migration] Running upgrade havana -> e197124d4b9, add unique constraint to members
      Traceback (most recent call last):
      File “/usr/bin/neutron-db-manage”, line 10, in
      sys.exit(main())
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 238, in main
      CONF.command.func(config, CONF.command.name)
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 106, in do_upgrade
      do_alembic_command(config, cmd, revision, sql=CONF.command.sql)
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/cli.py”, line 72, in do_alembic_command
      getattr(alembic_command, cmd)(config, *args, **kwargs)
      File “/usr/lib/python2.7/dist-packages/alembic/command.py”, line 165, in upgrade
      script.run_env()
      File “/usr/lib/python2.7/dist-packages/alembic/script.py”, line 382, in run_env
      util.load_python_file(self.dir, ‘env.py’)
      File “/usr/lib/python2.7/dist-packages/alembic/util.py”, line 241, in load_python_file
      module = load_module_py(module_id, path)
      File “/usr/lib/python2.7/dist-packages/alembic/compat.py”, line 79, in load_module_py
      mod = imp.load_source(module_id, path, fp)
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/env.py”, line 109, in
      run_migrations_online()
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/env.py”, line 100, in run_migrations_online
      context.run_migrations()
      File “”, line 7, in run_migrations
      File “/usr/lib/python2.7/dist-packages/alembic/environment.py”, line 742, in run_migrations
      self.get_context().run_migrations(**kw)
      File “/usr/lib/python2.7/dist-packages/alembic/migration.py”, line 305, in run_migrations
      step.migration_fn(**kw)
      File “/usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/versions/e197124d4b9_add_unique_constrain.py”, line 42, in upgrade
      local_cols=[‘pool_id’, ‘address’, ‘protocol_port’]
      File “”, line 7, in create_unique_constraint
      File “/usr/lib/python2.7/dist-packages/alembic/operations.py”, line 797, in create_unique_constraint
      schema=schema, **kw)
      File “/usr/lib/python2.7/dist-packages/alembic/ddl/sqlite.py”, line 34, in add_constraint
      “No support for ALTER of constraints in SQLite dialect”)
      NotImplementedError: No support for ALTER of constraints in SQLite dialect

  15. Hello,

    Thanks for the tuto, which is really helpfull. Unfortunatly, I got an error when try to sync db with “nova-manage db sync”. The thing is, my db isn’t empty after lauching this command, an error message occurs “No handlers could be found for logger “oslo_config.cfg””. Any tip would be usefull 🙂

    PS : Sorry for my english, not my native langage 😀

    1. Okay, I figured this out. You made a mistake in /etc/nova/nova.conf.

      Replace logdir=/var/log/nova by log_dir=/var/log/nova

  16. I get the following error

    # nova list
    ERROR (Unauthorized): Unauthorized (HTTP 401) (Request-ID: req-6e653fd0-7cf4-4c3f-bdc1-eefb66b41f48)

    found references to add
    auth_port =35357
    auth_protocol=http
    in either /etc/nova/nova.conf (under keystone_authtoken) or /etc/nova/api-paste.ini but this does not resolve or change the error message.

    – same issue with nova image-list, but glance image-list and keystone user-list work fine.

    1. I have a similar issue as discussed above – only with nova authentication with Keystone. Glance and keystone are working well.

      Did anybody else encounter this issue. If you have had this resolved, can you please share the solution…

  17. Hi,

    I followed your install procedure step by step two times now and always get this error when creating instances with horizon. only difference is that i am using one flat network instead of the flat+vlan.

    By the way, very nice article 🙂

    This is the error i get in the UI
    Error: Unable to launch instance named “ergteryert656756”.
    Error: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-d0b5565a-e0dd-49f2-9af9-346fca933d31)

    in the nova-api.log this is what is displayed at the time of the UI error.
    2015-05-18 23:24:23.532 4951 INFO oslo_messaging._drivers.impl_rabbit [req-eb528d3f-ba43-40ed-a5e4-ec58acad83b7 114ad02685464cf0a8df3072150012ed 1cf13d38f8394d259232d88ae5caa5ae – – -] Connecting to AMQP server on 127.0.0.1:5672
    2015-05-18 23:24:23.546 4951 INFO oslo_messaging._drivers.impl_rabbit [req-eb528d3f-ba43-40ed-a5e4-ec58acad83b7 114ad02685464cf0a8df3072150012ed 1cf13d38f8394d259232d88ae5caa5ae – – -] Connected to AMQP server on 127.0.0.1:5672
    2015-05-18 23:25:23.549 4951 ERROR nova.api.openstack [req-eb528d3f-ba43-40ed-a5e4-ec58acad83b7 114ad02685464cf0a8df3072150012ed 1cf13d38f8394d259232d88ae5caa5ae – – -] Caught error: Timed out waiting for a reply to message ID 005da69bf2604557b6f877cd4c82f3bb
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack Traceback (most recent call last):
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack File “/usr/lib/python2.7/dist-packages/nova/api/openstack/__init__.py”, line 125, in __call__
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack return req.get_response(self.application)
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack File “/usr/lib/python2.7/dist-packages/webob/request.py”, line 1320, in send
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack application, catch_exc_info=False)
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack File “/usr/lib/python2.7/dist-packages/webob/request.py”, line 1284, in call_application
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack app_iter = application(self.environ, start_response)
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack File “/usr/lib/python2.7/dist-packages/webob/dec.py”, line 144, in __call__
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack return resp(environ, start_response)


    and then
    2015-05-18 23:25:23.549 4951 TRACE nova.api.openstack MessagingTimeout: Timed out waiting for a reply to message ID 005da69bf2604557b6f877cd4c82f3bb

  18. Thank you for the instructions. I was looking forward to getting Kilo running. I have not been able to get this installation to work. Here are some of my comments and workarounds so far –
    1. Up nova installation it was working fine.
    2. nova.conf file had multiple problems when issuing command nova-manage db sync. To resolve the errors, I had to create a section in nova.conf for
    [oslo_messaging_rabbit]
    rabbit_host=127.0.0.1
    rabbit_password=rabbit
    rabbit_username=quest
    [oslo_concurrency]
    lock_path=/var/lock/nova
    3. My nova-api service doesn’t start. This causes the “nova list” command to fail. I have been unable to start nova-api. Still trying to resolve the issue.

    Thank You

  19. Hi,
    There are still some errors in this post.
    Plz replace this section
    [neutron]
    network_api_class=nova.network.neutronv2.api.API
    neutron_url=http://10.0.0.1:9696
    neutron_auth_strategy=keystone
    neutron_admin_tenant_name=service
    neutron_admin_username=neutron
    neutron_admin_password=neutron_pass
    neutron_metadata_proxy_shared_secret=openstack
    neutron_admin_auth_url=http://10.0.0.1:35357/v2.0
    linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
    firewall_driver=nova.virt.firewall.NoopFirewallDriver
    security_group_api=neutron
    vif_plugging_is_fatal: false
    vif_plugging_timeout: 0

    the correct config is :
    [DEFAULT]
    ….
    network_api_class=nova.network.neutronv2.api.API
    linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
    firewall_driver=nova.virt.firewall.NoopFirewallDriver
    security_group_api=neutron
    vif_plugging_is_fatal= false
    vif_plugging_timeout= 0
    [neutron]
    url=http://10.0.0.1:9696
    auth_strategy=keystone
    admin_tenant_name=service
    admin_username=neutron
    admin_password=neutron_pass
    metadata_proxy_shared_secret=openstack
    admin_auth_url=http://10.0.0.1:5000/v2.0

    That’s all

  20. There’s a problem with nova.conf file when I use the latest 15.04 and follow your steps. Neutron won’t allow nova to connect and update configuration because the following config items aren’t being recognized:
    “`
    neutron_url=http://10.0.0.1:9696
    neutron_auth_strategy=keystone
    neutron_admin_tenant_name=service
    neutron_admin_username=neutron
    neutron_admin_password=neutron_pass
    neutron_metadata_proxy_shared_secret=openstack
    neutron_admin_auth_url=http://10.0.0.1:35357/v2.0
    “`

    I found I was able to fix this by simply putting them in a new config group at the bottom of the file like so:

    “`
    [neutron]
    url=http://10.0.0.1:9696
    auth_strategy=keystone
    admin_tenant_name=service
    admin_username=neutron
    admin_password=neutron_pass
    metadata_proxy_shared_secret=openstack
    admin_auth_url=http://10.0.0.1:35357/v2.0
    “`

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s