This chapter describes how to install a virtual lab in preparation for the Certified OpenStack Administrator exam. You will use the DevStack, PackStack, or MicroStack tools for this installation. This chapter does cover exam questions.
Installing Vanilla OpenStack with the DevStack Tool
You have a lot of options for how to create your test environment. I introduce several of them in this chapter. First, let’s look at the most generic method of OpenStack installation. In this case, you install all services from scratch on one PC or virtual machine. You can use one of the common GNU/Linux distributions, such as Ubuntu, Fedora, or CentOS. Since this method is very generic, you probably need some adaptations for your particular environment. More specific examples are given later in this chapter.
I recommend using a virtual desktop environment, such as VirtualBox, VMware Workstation, or KVM with Virtual Machine Manager, also called virt-manager (see Figure 2-1). Virtual Machine Manager is probably the best if you use GNU/Linux as a host. I recommend at least 16 GB of memory for VM, where you install all the OpenStack services.
A screenshot of the virtual machine manager window depicts the installation of the CentOS.
Figure 2-1
Virtual Machine Manager
First, you need the OS installed with access to standard repos. Then you need to get the DevStack tool from GitHub. The main purpose of this tool is to prepare the environment for OpenStack developers, but you can use it to create this learning environment. The following instructions are for the most recent Ubuntu LTS releases.
The following creates a stack user to run DevStack by changing the ownership of /opt/devstack to the stack user, installing the Git tool, and downloading DevStack.
Resolving deltas: 100% (34874/34874), done.stack@devstack:~$ cd devstack
DevStack uses a special file located in the root directory with instructions that describe how to configure OpenStack services. You can find several examples on the DevStack website (http://docs.openstack.org/developer/devstack/), or you can use the following minimal example of the local.conffile.
[[local|localrc]]
ADMIN_PASSWORD="apress"
SERVICE_PASSWORD="apress"
RABBIT_PASSWORD="apress"
DATABASE_PASSWORD="apress"
SWIFT_HASH=s0M3hash1sh3r3
SWIFT_REPLICAS=1
LOGFILE=/opt/stack/logs/stack.sh.log
SCREEN_LOGDIR=/opt/stack/logs
Now you need to run the stack.shscript from the devstack directory and wait for it to load.
Here is an example.
stack@devstack:/opt/devstack$ ./stack.sh
...
=========================
DevStack Component Timing
(times are in seconds)
=========================
wait_for_service 12
pip_install 172
apt-get 254
run_process 25
dbsync 6
git_timed 989
apt-get-update 1
test_with_retry 4
async_wait 82
osc 213
-------------------------
Unaccounted time 183
=========================
Total runtime 1941
=================
Async summary
=================
Time spent in the background minus waits: 361 sec
Elapsed time: 1941 sec
Time if we did everything serially: 2302 sec
Speedup: 1.18599
This is your host IP address: 192.168.122.7
This is your host IPv6 address: ::1
Horizon is now available at http://192.168.122.7/dashboard
Keystone is serving at http://192.168.122.7/identity/
Installation can take some time. In the end, you can source OpenRC in your shell and then use the OpenStack command-line tool to manage your environment. The process can be different in different environments or with different versions of OS. You may probably have to debug some errors. For a more predictable way of installing, see the next section.
Installing RDO OpenStack Distribution with PackStack
PackStack (https://wiki.openstack.org/wiki/Packstack) is another tool that can be used to install OpenStack. The main purpose of PackStack is to prepare OpenStack’s test environments with rpm-based distributions. Under the hood, PackStack uses Puppet modules to deploy one or several OpenStack nodes. The easiest and most predictable way to use PackStack is with CentOS Stream 9. The other option to use with PackStack is Red Hat Enterprise Linux.
Let’s start with OS preparation. First, you must install CentOS Stream 9 with the Minimal or Server with GUI option. I recommend that the Server with GUI option have a local browser in case you want to access services not exposed externally by default. For example, you can mention the RabbitMQ console.
Next, add additional repositories that contain the last version of OpenStack and some supplementary packages.
# dnf config-manager --enable crb
# dnf install -y centos-release-openstack-yoga
After adding the repos, you should update the packages and reboot your test server.
# dnf -y update
# reboot
With older versions of CentOS or RHEL, you must disable Network Manager and enable the Network service. But since CentOS Stream 9 is used, it is okay to skip this step. Now everything is ready, and you can install the PackStack tool.
# dnf install -y openstack-packstack
There were known issues with SELinux policies when this chapter was written. For a workaround, please disable SELinux enforcing mode.
# setenforce 0
To keep SELinux in permissive mode after reboot, you must edit the /etc/sysconfig/selinux file. It should contain the following line.
SELINUX=permissive
Now you can just run the packstack --allinonecommand, but I recommend another change to generate the answers file for PackStack.
# packstack --gen-answer-file answer-file.txt
Now you are ready to edit the answer-file.txt. This file contains a lot of different options. Some of them are documented in Table 2-1.
Table 2-1
PackStack Options
Option with Example
Definition
CONFIG_<name of component>_INSTALL=y
Specify y to install the OpenStack component. <name of component> can be CINDER, GLANCE, NOVA, NEUTRON, and so forth; for example, CONFIG_SWIFT_INSTALL=y.
CONFIG_DEFAULT_PASSWORD=password
This is the default password used everywhere (overridden by passwords set for individual services or users).
CONFIG_NTP_SERVERS=192.168.1.1,192.168.1.2
This is a comma-separated list of NTP servers.
CONFIG_CONTROLLER_HOST= 192.168.122.10
This is a comma-separated list of servers on which to install OpenStack services specific to the controller role.
CONFIG_COMPUTE_HOSTS= 192.168.122.10
This is a list of servers on which to install the compute service.
CONFIG_NETWORK_HOSTS= 192.168.122.10
This is a list of servers on which to install the network service.
CONFIG_AMQP_BACKEND=rabbitmq
This is the service used as the AMQP broker; usually rabbitmq.
CONFIG_AMQP_HOST= 192.168.122.10
This is the IP address of the server on which to install the AMQP service.
CONFIG_AMQP_ENABLE_SSL=n
Specify y to enable SSL for the AMQP service.
CONFIG_USE_EPEL=y
Specify y to enable the EPEL repository (Extra Packages for Enterprise Linux). You need to do that if you are using CentOS or Oracle Linux.
CONFIG_KEYSTONE_ADMIN_PW=password
This is the password for the identity service admin user.
CONFIG_KEYSTONE_DEMO_PW=password
This is the password for the identity service demo user.
CONFIG_GLANCE_BACKEND=file
This is the storage back end for the image service (controls how it stores disk images). Valid options are file or swift.
CONFIG_CINDER_BACKEND=lvm
This is the storage back end for the block storage service. Valid options are lvm, gluster, nfs, vmdk, or netapp.
CONFIG_CINDER_VOLUMES_CREATE=y
Specify y to create the block storage volumes group. PackStack creates a raw disk image in /var/lib/cinder and mounts it using a loopback device.
CONFIG_CINDER_VOLUMES_SIZE=20G
This is the size of the block storage volumes group.
CONFIG_NEUTRON_FWAAS=y
Specify y to configure OpenStack Networking’s firewall-as-a-service (FWaaS).
CONFIG_NEUTRON_VPNAAS=y
Specify y to configure OpenStack Networking’s VPN-as-a-service (VPNaaS).
CONFIG_SAHARA_INSTALL=y
CONFIG_HEAT_INSTALL=y
CONFIG_TROVE_INSTALL=n
CONFIG_SWIFT_STORAGE_SIZE=2G
Specify y to install the OpenStack data processing service (Sahara).
Specify y to install OpenStack orchestration service (Heat).
Specify y to install the OpenStack database service (Trove).
This is the size of the object storage loopback file storage device.
CONFIG_PROVISION_DEMO=y
Specify y to provision for demo usage and testing.
It is best to at least change the following options.
CONFIG_DEFAULT_PASSWORD=password
CONFIG_KEYSTONE_ADMIN_PW=password
CONFIG_KEYSTONE_DEMO_PW=password
CONFIG_PROVISION_DEMO=y
You should certainly use your own password instead of password. If you want to play with Heat, OpenStack’s orchestration service, I advise you to enable it. Heat is not required for recent versions of the COA exam, but you can still find corresponding labs in this book’s appendix.
CONFIG_HEAT_INSTALL=y
It can also be wise to point your host to an external NTP server, especially if you add additional nodes in the future. The time must be synced among all the nodes.
CONFIG_NTP_SERVERS=<IP address of NTP server>
Now you are ready to run PackStack.
# packstack --answer-file answer-file.txt
You must wait until PackStack completes all of its tasks. It can take 10 to 20 minutes. While working, the tool reports all that is happening at each stage. The following is an example.
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20220711-154722-0ggeuec9/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
...
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* Warning: NetworkManager is active on 192.168.122.10. OpenStack networking currently does not work on systems that have the Network Manager service enabled.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.122.10. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.122.10/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20220711-154722-0ggeuec9/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20220711-154722-0ggeuec9/manifests
Tip
You can re-run PackStack with option -d if you need to update the configuration.
The PackStack log output contains the IP address and URL of the OpenStack dashboard, where you can connect using the admin or demo username and your password.
Using the command line, you can source one of the RC files, /root/keystonerc_admin or /root/keystonerc_demo, and execute some test commands. For example, let’s get a list of the hypervisors.
If you have enough resources for additional compute virtual machines, you can add a server at the PackStack configuration and re-run the installation. For the second new server, you can repeat some of the steps you did for the first server.
# dnf config-manager --enable crb
# dnf install -y centos-release-openstack-yoga
# dnf -y update
# reboot
# setenforce 0
And again, to keep SELinux in permissive mode after reboot, you must edit the /etc/sysconfig/selinux file.
SELINUX=permissive
At the first server where you initially deployed PackStack, you need to add the IP of the second server to the CONFIG_COMPUTE_HOSTS configuration parameter.
Ensure that the key CONFIG_NETWORK_HOSTS exists and is set to the IP address of your first host.
Run PackStack at the first server again, specifying your modified answer file. This time, you are also asked for the root password at the second server.
# packstack --answer-file answer-file.txt
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20220728-142909-5oau1d25/openstack-setup.log
MicroStack (https://microstack.run/) allows you to create an OpenStack test lab. It is a Canonical project based on the snap tool (https://snapcraft.io/). MicroStack quickly installs OpenStack on a single machine. The supported services include Glance, Horizon, Keystone, Neutron (with OVN), and Nova.
Note
You cannot run all the labs in this book using MicroStack! You must use other options for the Cinder, Swift, and Heat examples in this book.
The installation step consists solely of installing a MicroStack snap.
This chapter discussed installing a virtual lab in preparation for the Certified OpenStack Administrator exam. You can choose between the DevStack, PackStack, or MicroStack tools for this installation.
