devstack ocata on ubuntu 16.04 setup

Article below is more like memo to myself about how to fast setup devstack based private cloud on ubuntu 16.04. It might take several hourse or days solving all kind of issue related to different part of openstack and system configuration if start proccess without good stack knowledge. Or detailed step-by-step notes from previous successfull installation. I hope it will save some hours to me next time.

Install Ubuntu 16.04

Create bootable USB drive from ubuntu iso

wget http://ubuntu.volia.net/ubuntu-releases/xenial/ubuntu-16.04.3-server-amd64.iso
dd if=ubuntu-16.04.3-server-amd64.iso of=/dev/sdb

Install server minimum (+ ssh server)

Remove virtualization tools if accidentaly choosen

sudo apt-get remove --purge qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils

Update all components

sudo su -
apt update
apt upgrade

 Disable IPv6

cat <<EOF >>//etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.ip_forward=1
net.ipv4.conf.all.proxy_arp = 1
net.ipv4.conf.all.proxy_arp_pvlan = 1
EOF
sysctl -p
 Switch to static IP
vim /etc/network/interfaces
# The primary network interface
auto enp3s0
iface enp3s0 inet static
    address 10.9.8.254
    netmask 255.255.255.0
    gateway 10.9.8.241
    dns-search local
    dns-nameservers 10.9.8.241
 visudo
# User privilege specification
root    ALL=(ALL:ALL) NOPASSWD:ALL
 
# Members of the admin group may gain root privileges
%admin ALL=(ALL) NOPASSWD:ALL
 
# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) NOPASSWD:ALL

 Add ssh key to user(s)

echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCv1hNcFg6w3pOLPDdoc+WdBegk1a9VspjV9MaHTeJm6W1InpyBsSEzg/WUeQT9qfIin8dmjX8tRY9clGsp8xzrpiT2I/3mN8dgLvCfpWlNYNUkIPL5LlerbUmm9N0bnTm8OUpykBY8QPU2xJH9SB4fUDCOQ9kQOuoS/0CKNlainXQCrKpt50BHC4QdSsVwemN5Gqj5O2LqzAQGZBfykuY6WJU1ab/0YmgOcwb6QNP/KuI+biceZr3B49rroCN1/YWVCDVd6j7Wu898a5vh3qsQ0q/acBKrI7mdix+Lbc+TJfKfWVl89wAFOCmswMJku+nhj+kt5STDFklvRAFnuPg/ oliutyi@server' >~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

 reboot

reboot

Devstack setup

 Clone devstack

cd /opt
git clone https://git.openstack.org/openstack-dev/devstack
cd devstack/
git checkout stable/ocata

 Create stack user

/opt/devstack/tools/create-stack-user.sh
chown stack:stack /opt/devstack/ -R

Create config

vi /opt/devstack/local.conf

 Minimal config

[[local|localrc]]
FLOATING_RANGE=10.9.8.224/28
FIXED_RANGE=10.11.12.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=enp3s0
ADMIN_PASSWORD=password_1
DATABASE_PASSWORD=password_2
RABBIT_PASSWORD=password_3
SERVICE_PASSWORD=password_4

 More settings

[[local|localrc]]
IP_VERSION=4
HOST_IP=10.9.8.254
FLAT_INTERFACE=enp3s0
FLOATING_RANGE=10.9.8.224/28
IPV4_ADDRS_SAFE_TO_USE=10.9.9.0/24
FIXED_RANGE=10.11.12.0/24
FIXED_NETWORK_SIZE=256
ADMIN_PASSWORD=password_1
DATABASE_PASSWORD=password_2
RABBIT_PASSWORD=password_3
SERVICE_PASSWORD=password_4
VOLUME_GROUP_NAME="stack-volumes"
VOLUME_NAME_PREFIX="volume-"
VOLUME_BACKING_FILE_SIZE=100G

 start installation

su - stack
cd /opt/devstack/
./stack.sh

Finish

=========================
DevStack Component Timing
=========================
Total runtime 749

run_process 55
test_with_retry 3
apt-get-update 2
pip_install 72
restart_apache_server 14
wait_for_service 13
apt-get 13
=========================

This is your host IP address: 10.9.8.254
Horizon is now available at http://10.9.8.254/dashboard
Keystone is serving at http://10.9.8.254/identity/
The default users are: admin and demo
The password: AdminPass13
2017-10-04 23:56:18.294 | WARNING:
2017-10-04 23:56:18.294 | Using lib/neutron-legacy is deprecated, and it will be removed in the future
DevStack Version: ocata
Change: 8cb43d098ca88ce57ec216423c009cccd07f1299 Use "pip list" in check_libs_from_git 2017-10-02 11:09:56 -0400
OS Version: Ubuntu 16.04 xenial

2017-10-04 23:56:18.295 | stack.sh completed in 749 seconds.

 

Connect storage

apt install nfs-common
mkdir /storage
mount.nfs storage.local:/volume1/backup /storage

Import Images

http://10.9.8.254/dashboard/project/api_access/

export OS_AUTH_URL=http://10.9.8.254/identity/v3
export OS_PROJECT_ID=7da2ddbd9df5404da160a42eb7594ff2
export OS_PROJECT_NAME="demo"
export OS_USER_DOMAIN_NAME="Default"
unset OS_TENANT_ID
unset OS_TENANT_NAME
export OS_USERNAME="admin"
export OS_PASSWORD=Password1
export OS_REGION_NAME="RegionOne"
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3
glance image-create --name DB --min-disk 5 --min-ram 1 --disk-format qcow2 --container-format bare --progress --file /storage/openstack/db-2017-10-01.qcow2;
glance image-create --name HOME --min-disk 5 --min-ram 1 --disk-format qcow2 --container-format bare --progress --file /storage/openstack/home-2017-10-01.qcow2;
glance image-create --name NOC --min-disk 5 --min-ram 1 --disk-format qcow2 --container-format bare --progress --file /storage/openstack/noc-2017-10-01.qcow2;
glance image-create --name JIRA --min-disk 5 --min-ram 1 --disk-format qcow2 --container-format bare --progress --file /storage/openstack/jira-2017-10-01.qcow2;
glance image-create --name WIKI --min-disk 5 --min-ram 1 --disk-format qcow2 --container-format bare --progress --file /storage/openstack/wiki-2017-10-01.qcow2;

Compress qcow2 images

prepare

before image creation important to fill empty disk spaces with zeroes

# 70GB disk space zeroed by
dd if=/dev/zero of=/zerofile bs=1M count=70k
rm /zerofile
# zero to swapfile (or partition)
swopoff -a
dd if=/dev/zero of=/swapfile1 bs=1K count=1M
mkswap /swapfile1
swapon -a

compress

qemu-img convert -O qcow2 -c /storage/openstack/wiki-2017-10-08.qcow /storage/openstack/wiki-2017-10-08-zip.qcow

result

-rw-r----- user users 8.0G Oct 8 13:22 wiki-2017-10-08.qcow
-rw-r--r-- user users 5.5G Oct 8 13:36 wiki-2017-10-08-zip.qcow

Create Floating IP

openstack floating ip create --floating-ip-address 10.9.8.228 271e91f2-65a9-4cd0-b709-b5346a33f95c
openstack floating ip list

Open firewall on Openstack

nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default tcp 80 80 0.0.0.0/0
nova secgroup-add-rule default tcp 443 443 0.0.0.0/0
nova secgroup-add-rule default tcp 8080 8080 0.0.0.0/0
nova secgroup-add-rule default tcp 8090 8090 0.0.0.0/0
nova secgroup-add-rule default tcp 10051 10051 0.0.0.0/0
nova secgroup-add-rule default tcp 10050 10050 0.0.0.0/0

Change Application settings

Change DB settings for Confluence

vi /var/atlassian/application-data/confluence/confluence.cfg.xml
/etc/init.d/confluence stop
/etc/init.d/confluence start

Postgress network check

 vi /etc/postgresql/9.3/main/pg_hba.conf

Zabbix DB settings

 vi /etc/zabbix/zabbix_server.conf
 vi /etc/zabbix/web/zabbix.conf.php

Leave a Reply

Your email address will not be published. Required fields are marked *