You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

Hello good people!. In today’s guide I want us cover how you can install and Configure OpenStack Ussuri on CentOS 8 Linux Server. This guide is not for installation of highly available, Production OpenStack Cloud on CentOS 8 servers but fit for POC and home Labs. OpenStack is free and open-source software platform for created to help users build Private cloud environments or customer facing clouds. The main components of OpenStack that we will cover in this guide are:

  • Cinder – Block storage service
  • Neutron – Networking service
  • Nova – Compute
  • Swift – Object storage service
  • Keystone – Identity Service
  • Heat – Orchestration Service
  • Glance – image service
  • Horizon – Dashboard

As stated earlier this installation is done on a single physical server with below Hardware specs:

Memory: 128GB RAM
CPU: Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz (12 cores)
Disk: 3 x 4TB SATA
Network: 1Gbit
IPV4 Adresses: 1 x IPV4 + /28 Subnet (14 IPs)


------------------------------------------------------------
$ grep -c ^processor /proc/cpuinfo 
12

$ free -h
              total        used        free      shared  buff/cache   available
Mem:           125G        207M        125G         21M        244M        124G
Swap:            0B          0B          0B

$ lsblk 
NAME  MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
loop0   7:0    0    3G  1 loop 
sda     8:0    0  3.7T  0 disk 
sdb     8:16   0  3.7T  0 disk 
sdc     8:32   0  3.7T  0 disk 
sdd     8:32   0  3.7T  0 disk 

This is not to say the hardware requirements must match above to give the perspective of what we’re working on.

Step 1: Pre-setup requirements

As our installation of OpenStack on CentOS 8 will be using Packstack we need to disable some services such as firewalld and NetworkManager to ensure our installation is successful. We will install network-scripts package before disabling NetworkManager service. This provides the network service that is used to manage networking on a CentOS 8 system.

sudo dnf install -y network-scripts
sudo systemctl disable --now firewalld NetworkManager
sudo systemctl enable network && sudo systemctl start network

Disable deprecated warnings:

sudo touch /etc/sysconfig/disable-deprecation-warnings

Confirm the status of the network service:

$ systemctl status network
● network.service - LSB: Bring up/down networking
   Loaded: loaded (/etc/rc.d/init.d/network; generated)
   Active: active (exited) since Fri 2020-07-03 17:36:41 CEST; 11s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 14766 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)

Jul 03 17:36:40 osp.computingforgeeks.com systemd[1]: Starting LSB: Bring up/down networking...Jul 03 17:36:40 osp.computingforgeeks.com network[14766]: WARN      : [network] You are using 'network' service provided by 'network-scripts', which are now de>
Jul 03 17:36:40 osp.computingforgeeks.com network[14766]: WARN      : [network] 'network-scripts' will be removed in one of the next major releases of RHEL.Jul 03 17:36:40 osp.computingforgeeks.com network[14766]: WARN      : [network] It is advised to switch to 'NetworkManager' instead for network management.
Jul 03 17:36:41 osp.computingforgeeks.com network[14766]: Bringing up loopback interface:  [  OK  ]
Jul 03 17:36:41 osp.computingforgeeks.com network[14766]: Bringing up interface enp5s0:  ERROR     : [ipv6_set_default_route] Given IPv6 default gateway 'fe80:>
Jul 03 17:36:41 osp.computingforgeeks.com network[14766]: [  OK  ]
Jul 03 17:36:41 osp.computingforgeeks.com systemd[1]: Started LSB: Bring up/down networking.

Confirm your DNS is working great:

$ ping -c 2 google.com
PING google.com(arn09s11-in-x0e.1e100.net (2a00:1450:400f:807::200e)) 56 data bytes
64 bytes from arn09s11-in-x0e.1e100.net (2a00:1450:400f:807::200e): icmp_seq=1 ttl=120 time=7.27 ms64 bytes from arn09s11-in-x0e.1e100.net (2a00:1450:400f:807::200e): icmp_seq=2 ttl=120 time=7.34 ms

--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 7.269/7.306/7.343/0.037 ms

Also disable SELinux to avoid troubleshooting headaches.

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

Set your server hostname.

sudo hostnamectl set-hostname openstackcloud.example.com --static

Ensure local name resolution is working.

$ sudo vim /etc/hosts
192.168.21.20 openstackcloud.example.com

Finally, update your system and install basic utilities.

sudo dnf -y install vim wget curl telnet bash-completion network-scripts dnf-utils

Step 2: Install Packstack packages

Add the OpenStack Ussuri release repository to your CentOS 8 machine. If you’re using this article when there is a newer release of OpenStack, replace stein with release name.

sudo dnf config-manager --enable PowerTools
sudo dnf install -y centos-release-openstack-ussuri
sudo dnf -y update

Once the repository has been added, install packstack package for CentOS.

sudo dnf install -y openstack-packstack

Enable the Advanced Virt Modules:

sudo dnf -y module enable virt

Update system:

sudo dnf update -y
sudo systemctl reboot

Step 3: Deploy OpenStack on CentOS 8 with packstack

There are two way you can deploy OpenStack on CentOS 8 with packstack.

Method 1: Simple single node OpenStack deployment – default values (Only for simple POC)

For a single node OpenStack deployment, run the following command:

sudo packstack --allinone

To disable the demo provisioning use:

sudo packstack --allinone --provision-demo=n

Method 2: Customized Single node installation

We need to generate a configuration file that will be used to install OpenStack Cloud with Packstack. This file has information like services to install, storage configuration, networking e.t.c.

sudo packstack \
  --keystone-admin-passwd='MySr0ngAdminPassw0rd' \
  --cinder-volumes-create=n \
  --provision-demo=n \
  --os-heat-install=y \
  --os-ceilometer-install=y \
  --os-horizon-ssl=n \
  --os-neutron-ml2-mechanism-drivers=openvswitch \
  --os-neutron-ml2-tenant-network-types=vxlan \
  --os-neutron-ml2-type-drivers=vxlan,flat,vlan \
  --os-neutron-l2-agent=openvswitch \
  --nova-libvirt-virt-type=kvm \
  --os-swift-storages=/dev/sdc \
  --os-swift-storage-fstype=xfs \
  --gen-answer-file /root/packstack-answers.txt

Where:

  • /dev/sdc is a raw define to be used by Swift object storage. I can also be a partition e.g /dev/sdc1. If you don’t have a raw disk you can remove the line and specify the size of loopback device with e.g –os-swift-storage-size=20GB
  • MySr0ngAdminPassw0rd is the Admin user password.

Review the file generated to ensure correct values are set fit for your deployment.

sudo vi /root/packstack-answers.txt

Prepare Cinder Volumes

I’ll be using LVM partition for Cinder logical volume to be created – cinder-volumes.

For this I have /dev/sdd and /dev/sde in my Server. I’ll create a raid 0 device from the two disks.

$ sudo  mdadm --create --verbose /dev/md2 --level=0 --raid-devices=2 /dev/sdd /dev/sde
mdadm: chunk size defaults to 512K
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md2 started.

Then create Physical Volume, Volume Group and Thin Pool for Cinder:

$ sudo pvcreate /dev/md2
Physical volume "/dev/md2" successfully created.

$ sudo vgcreate cinder-volumes /dev/md2
Volume group "cinder-volumes" successfully created

$ sudo lvcreate -l 100%FREE -T cinder-volumes/cinder-volumes-pool
Logical volume "cinder-volumes-pool" created.

Cleaning LVM and Raid devices

If you ever want to redo this use the commands below to clean LVM and RAID device.

# ONLY RUN IF YOU WANT TO DESTROY LOGICAL VOLUME AND RAID DEVICES
sudo vgremove cinder-volumes
sudo mdadm --stop /dev/md2
sudo mdadm --zero-superblock /dev/sdd
sudo mdadm --zero-superblock /dev/sdbe

This can also be done on standard partitions without Raid device. See below example.

$ sudo pvcreate /dev/sdd1
Physical volume "/dev/sdd1" successfully created. 

$ sudo vgcreate cinder-volumes /dev/sdd1
Volume group "cinder-volumes" successfully created

$ sudo lvcreate -l 100%FREE -T cinder-volumes/cinder-volumes-pool
  Logical volume "cinder-volumes-pool" created.

If you don’t have any raw device or free partition you can as well use loopback device using the –cinder-volumes-create=y while generating the answers.txt file or by adding the line CINDER_VOLUMES_CREATE=y directly to the file.

Install OpenStack on CentOS 8 with Packstack

Now that we have answers file to be used, we can bootstrap an OpenStack Cloud using packstack command line.

sudo packstack --answer-file /root/packstack-answers.txt --timeout=1500 | tee packstrack-output.txt

See below installation output.

......
Installing:
Clean Up                                             [ DONE ]
Discovering ip protocol version                      [ DONE ]
Setting up ssh keys                                  [ DONE ]
Preparing servers                                    [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries                        [ DONE ]
Setting up CACERT                                    [ DONE ]
Preparing AMQP entries                               [ DONE ]
Preparing MariaDB entries                            [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries                           [ DONE ]
Preparing Glance entries                             [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries                             [ DONE ]
Preparing Nova API entries                           [ DONE ]
Creating ssh keys for Nova migration                 [ DONE ]
Gathering ssh host keys for Nova migration           [ DONE ]
Preparing Nova Compute entries                       [ DONE ]
Preparing Nova Scheduler entries                     [ DONE ]
Preparing Nova VNC Proxy entries                     [ DONE ]
Preparing OpenStack Network-related Nova entries     [ DONE ]
Preparing Nova Common entries                        [ DONE ]
Preparing Neutron API entries                        [ DONE ]
Preparing Neutron L3 entries                         [ DONE ]
Preparing Neutron L2 Agent entries                   [ DONE ]
Preparing Neutron DHCP Agent entries                 [ DONE ]
Preparing Neutron Metering Agent entries             [ DONE ]
Checking if NetworkManager is enabled and running    [ DONE ]
Preparing OpenStack Client entries                   [ DONE ]
Preparing Horizon entries                            [ DONE ]
Preparing Swift builder entries                      [ DONE ]
Preparing Swift proxy entries                        [ DONE ]
Preparing Swift storage entries                      [ DONE ]
Preparing Gnocchi entries                            [ DONE ]
Preparing Redis entries                              [ DONE ]
Preparing Ceilometer entries                         [ DONE ]
Preparing Aodh entries                               [ DONE ]
Preparing Puppet manifests                           [ DONE ]
Copying Puppet modules and manifests                 [ DONE ]
Testing if puppet apply is finished: 10.10.20.10_controller.pp  [ \ ]
10.10.20.10_controller.pp:                           [ DONE ]           
Applying  10.10.20.10_network.pp
10.10.20.10_network.pp:                              [ DONE ]        
Applying  10.10.20.10_compute.pp
10.10.20.10_compute.pp:                              [ DONE ]        
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

The Login URL for the dashboard will be shown after successful installation.

Step 4: Configure OpenStack Networking

The installer creates an OVS bridge automatically and this can be confirmed with the command below.

$ sudo ovs-vsctl show
9ed1d854-1950-4ea3-99b5-1e5be0f0f230
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-ex
        Port "patch-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07-to-br-int"
            Interface "patch-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07-to-br-int"
                type: patch
                options: {peer="patch-br-int-to-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07"}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port "patch-br-int-to-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07"
            Interface "patch-br-int-to-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07"
                type: patch
                options: {peer="patch-provnet-f62aa13c-c6e5-41a2-bd30-9760f2773e07-to-br-int"}
    ovs_version: "2.12.0"

If the mapping for the interface and OVS bridge is not correct proceed to modify the interface configurations and add the interface to your bridge to be used in OpenStack.

Create an external OVS bridge on your interface.

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eno1
DEVICE=eno1
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex 

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=192.168.10.10
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DNS1=192.168.10.1

Move your static route for configured interface to br-ex.

sudo mv /etc/sysconfig/network-scripts/route-eno1 /etc/sysconfig/network-scripts/route-br-ex

Add the network physical interface to the br-ex bridge in Open vSwitch.

sudo ovs-vsctl add-port br-ex eno1; systemctl restart network.service

Additional bridges can be configured in a similar manner. You’ll need to configure Open vSwitch with correct mappings.

$ sudo  vi /etc/neutron/plugins/ml2/openvswitch_agent.ini 
bridge_mappings=extnet:br-ex

Restart Nova services.

sudo systemctl restart openstack-nova-compute
sudo systemctl restart openstack-nova-api
sudo systemctl restart openstack-nova-scheduler

Create OpenStack private Network.

$ source keystonerc_admin
$ openstack network create private

Confirm network is created.

$ openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| a5e2a8f0-a953-4eb4-8fc1-2712c2c879d5 | private | 238ec5c5-602d-4fb8-9fca-053d444d9187 |
+--------------------------------------+---------+--------------------------------------+

Add Subnet to the private network created.

openstack subnet create --network private \
  --allocation-pool start=10.1.1.50,end=10.1.1.200 \
  --dns-nameserver 8.8.8.8 \
  --subnet-range 10.1.1.0/24 \
  private_subnet

Create a public network.

openstack network create \
  --provider-network-type flat \
  --provider-physical-network extnet \
  --external \
  public

Add Subnet for Public network.

 openstack subnet create --network public \
    --allocation-pool start=<startip>,end=<lastip> \
    --no-dhcp \
    --subnet-range <subnet>/27 public_subnet

Add a new router and configure router interfaces.

openstack router create --no-ha router1
openstack router set --external-gateway public router1
openstack router add subnet router1 private_subnet

Confirm network configurations by checking network namespaces

ip netns show

Step 5: Configure Cinder of using LVM

Configure Cinder to use configured LVM volume.

$ sudo  vi /etc/cinder/cinder.conf
enabled_backends=lvm
volume_clear = none

[lvm]
volume_backend_name=lvm
volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver
iscsi_ip_address=192.168.10.10
iscsi_helper=lioadm
volume_group=cinder-volumes
volumes_dir=/var/lib/cinder/volumes

You need to restart Cinder services after the change.

sudo systemctl restart openstack-cinder-volume
sudo systemctl restart openstack-cinder-api

Restart Cinder services after the change.

sudo systemctl restart openstack-cinder-volume
sudo systemctl restart openstack-cinder-api

Step 6: Create flavors and Security groups

Let’s add OpenStack flavors:

openstack flavor create --id 0 --ram 1024  --vcpus  1 --swap 2048  --disk 10    m1.tiny
openstack flavor create --id 1 --ram 2048  --vcpus  1 --swap 4096  --disk 20    m1.small
openstack flavor create --id 2 --ram 4096  --vcpus  2 --swap 8192  --disk 40    m1.medium
openstack flavor create --id 3 --ram 8192  --vcpus  4 --swap 8192  --disk 80    m1.large
openstack flavor create --id 4 --ram 16384 --vcpus  8 --swap 8192  --disk 160   m1.xlarge

And basic security group

openstack security group create basic --description "Allow base ports"
openstack security group rule create --protocol TCP --dst-port 22 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol TCP --dst-port 80 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol TCP --dst-port 443 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 basic

Step 7: Create Private Key and Add Glance images

Create a new key for your account or use existing.

$ ssh-keygen -q -N "" 
$ openstack keypair create --public-key=~/.ssh/id_rsa.pub adminkey
+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| fingerprint | e4:00:26:64:1c:f7:20:06:d6:59:c6:31:20:53:59:c8 |
| name        | adminkey                                        |
| user_id     | 9f7d84c3014445e7aac3048c9a0fd856                |
+-------------+-------------------------------------------------+

For Glance images, refer to our previous guide:

How To add Glance Cloud images to OpenStack

Step 8: Accessing OpenStack Dashboard

To access the OpenStack Dashboard browse to http://openstackip/dashboard.

Your login credentials are stored in the keystonerc_admin file in your home directory.

$ grep OS_PASSWORD keystonerc_admin
export OS_PASSWORD='c11661db5ecf4ebd'

Once logged in you can start creating instances to work on your projects. We have a number of OpenStack articles that you can use.

How To run CentOS 8 Instance on OpenStack

How To rename an Instance/Server in OpenStack

How To resize/extend Cinder Volume in OpenStack

How To Assign a Floating IP Address to an Instance in OpenStack

 Create OpenStack Instance With a Fixed / Static IP Address

How To Create OpenStack projects, users and roles

How To Resize OpenStack Instance / Virtual Machine

You can support us by downloading this article as PDF from the Link below. Download the guide as PDF