Deploy Single Node Openstack for Lab

A. Environment Diagram

System Specification

Key                           Value
Hostname                      fb-node-aio
Operating System              Ubuntu 22.04 LTS
NIC 1 - Openstack network     192.168.1.11/24
NIC 2 - Floating IPs          10.0.0.0/24
Boot Disk                     64 GB
Disk 1 (Glance & Nova)        128 GB
Disk 2 (Cinder Volumes)       128 GB
Kolla Ansible Version         15.2.1
Openstack Version             Zed

B. General Preparation

All steps are performed as root.

Update hostname

hostnamectl set-hostname fb-node-aio

Update root password

passwd

Update Timezone

timedatectl set-timezone Asia/Jakarta

Update hosts file

cat<< EOF >> /etc/hosts

192.168.1.10 aio.openstack.lab
192.168.1.11 fb-node-aio fb-node-aio.aio.openstack.lab
EOF

Update repository and upgrade all packages

apt update && apt upgrade -y

Install essential packages

apt install net-tools dnsutils tree

Reboot to apply all updates

reboot

Generate SSH key for user root

ssh-keygen -t rsa

C. Prepare Disks

Create Volume Group for Cinder

Create Volume Group openstack_cinder

parted -s -a opt /dev/vdb mklabel gpt mkpart primary 0% 100% \
  set 1 lvm on
pvcreate /dev/vdb1
vgcreate openstack_cinder /dev/vdb1

Create Partition for Glance and Nova

  1. Create Logical Volume openstack_data
parted -s -a opt /dev/vdc mklabel gpt mkpart primary 0% 100% \
  set 1 lvm on
pvcreate /dev/vdc1
vgcreate openstack_data /dev/vdc1
lvcreate -l 100%FREE -n openstack_data openstack_data
  2. Format partition openstack_data
mkfs.xfs /dev/openstack_data/openstack_data
  3. Mount partition
mkdir /openstack_data

cat<< EOF >> /etc/fstab
/dev/mapper/openstack_data-openstack_data    /openstack_data  xfs  defaults  0 0
EOF

mount -a

mkdir -p /openstack_data/nova
mkdir -p /openstack_data/glance

D. Install Dependencies

  1. Install python packages
apt install -y python3-dev libffi-dev gcc libssl-dev python3-venv python3-pip
pip3 install -U pip
pip3 install docker
  2. Configure Ansible
mkdir -p /etc/ansible

cat<<EOF | sudo tee /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
interpreter_python=/usr/bin/python3
timeout=60
EOF
  3. Create python virtual environment
mkdir /root/openstack && cd /root/openstack
python3 -m venv os-venv
source /root/openstack/os-venv/bin/activate
  4. Install Kolla Ansible
pip install -U pip
pip install -U 'ansible>=4,<6'
pip install python-openstackclient
pip install git+https://opendev.org/openstack/kolla-ansible@stable/zed
kolla-ansible install-deps
  5. Copy configuration files
mkdir /etc/kolla
chown $USER:$USER /etc/kolla
cp /root/openstack/os-venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla/
cp /root/openstack/os-venv/share/kolla-ansible/ansible/inventory/all-in-one .

E. Configure Openstack

nano /etc/kolla/globals.yml

# BASE
config_strategy: "COPY_ALWAYS"
kolla_base_distro: "ubuntu"
kolla_install_type: "source"
openstack_release: "zed"
prechecks_enable_host_os_checks: "false"

# NETWORKS
kolla_external_vip_address: 192.168.1.10
kolla_external_fqdn: "aio.openstack.lab"
kolla_internal_vip_address: 192.168.1.10
kolla_internal_fqdn: "aio.openstack.lab"
network_interface: "ens3"
neutron_external_interface: "ens4"
neutron_plugin_agent: "ovn"
enable_neutron_provider_networks: "yes"

# SERVICES
enable_openstack_core: "yes"
enable_keystone: "yes"
keystone_token_provider: "fernet"
enable_horizon: "yes"
enable_haproxy: "yes"
enable_mariabackup: "yes"
enable_octavia: "no"
enable_cinder: "yes"
enable_cinder_backup: "no"
enable_cinder_backend_lvm: "yes"
cinder_volume_group: "openstack_cinder"
enable_glance: "yes"
glance_backend_file: "yes"
glance_file_datadir_volume: "/openstack_data/glance/"
enable_nova: "yes"
nova_compute_virt_type: "kvm"
nova_instance_datadir_volume: "/openstack_data/nova/"

# TLS
kolla_enable_tls_internal: "yes"
kolla_enable_tls_external: "yes"
kolla_copy_ca_into_containers: "yes"
kolla_enable_tls_backend: "yes"
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
kolla_admin_openrc_cacert: "/etc/ssl/certs/ca-certificates.crt"

# MONITORING
enable_fluentd: "no"
enable_prometheus: "yes"
enable_grafana: "yes"

F. Deploy Openstack

  1. Generate password
kolla-genpwd
  2. Generate self-signed certificates
kolla-ansible certificates
  3. Bootstrap server
kolla-ansible -v -i all-in-one bootstrap-servers
  4. Precheck server
kolla-ansible -v -i all-in-one prechecks
  5. Pull container images
kolla-ansible -v -i all-in-one pull
  6. Deploy services
kolla-ansible -v -i all-in-one deploy

G. Post Deployment

Generate openrc file

kolla-ansible -v -i all-in-one post-deploy
  • Edit openrc file
nano /etc/kolla/admin-openrc.sh

# Add this line to the file:
source /root/openstack/os-venv/bin/activate

Verify Deployment

source /etc/kolla/admin-openrc.sh
openstack endpoint list
openstack service list --long
openstack hypervisor list --long
openstack compute service list
openstack network agent list
openstack volume service list
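
The globals.yml above enables TLS for internal and external endpoints and sets both FQDNs to aio.openstack.lab, so the endpoint list is expected to show only https:// URLs on that name. The following is an added example, not part of the original post, that checks this; the function names and sample lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): flag catalogue endpoints that are
# not HTTPS or do not use the FQDN set in globals.yml.

# check_endpoints EXPECTED_FQDN
# stdin: one "service interface url" line per endpoint.
# stdout: "<reason> <service> <interface> <url>" for every finding.
# Returns 1 if anything was flagged, 0 otherwise.
check_endpoints() {
    awk -v fqdn="$1" '
        NF < 3 { next }                        # skip blank or short lines
        {
            url = $3; reason = ""
            if (url !~ /^https:\/\//) {
                reason = "not-https"
            } else {
                host = url
                sub(/^https:\/\//, "", host)   # drop the scheme
                sub(/[:\/].*$/, "", host)      # drop port and path
                if (host != fqdn) reason = "host-mismatch"
            }
            if (reason != "") { print reason, $1, $2, url; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample input, not output from a real deployment.
sample_endpoints() {
    cat << 'EOF'
keystone public https://aio.openstack.lab:5000
keystone internal https://aio.openstack.lab:5000
glance public http://aio.openstack.lab:9292
nova internal https://192.168.1.10:8774/v2.1
EOF
}

# Against a live cloud (after sourcing admin-openrc.sh):
#   openstack endpoint list -f value -c "Service Name" -c Interface -c URL \
#     | check_endpoints aio.openstack.lab
```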

H. Operational Test

Monitoring Stack

Access Openstack Grafana at https://aio.openstack.lab:3000. The Grafana admin password can be obtained with:

grep grafana_admin_password /etc/kolla/passwords.yml

Create Internal Network

Create internal network

openstack network create internal-net

Create internal network subnet

openstack subnet create --subnet-range 172.16.0.0/24 \
--network internal-net \
--gateway 172.16.0.1 \
--dns-nameserver 1.1.1.1 \
internal-subnet

Create External Network

Create external network

openstack network create --share --external \
--provider-physical-network physnet1 \
--provider-network-type flat \
public-net

Create external network subnet

openstack subnet create --no-dhcp \
--allocation-pool 'start=10.0.0.2,end=10.0.0.254' \
--network public-net \
--subnet-range 10.0.0.0/24 \
--gateway 10.0.0.1 \
public-subnet

Create Router

Create router

openstack router create public-router

Add internal network to router

openstack router add subnet public-router internal-subnet

Set router default gateway

openstack router set --external-gateway public-net public-router

Create Security Group

Create security group allow-all

openstack security group create allow-all

Create security group rules to allow all connections

openstack security group rule create --ingress --ethertype IPv4 --protocol icmp allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 22 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 1:65535 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol udp --dst-port 1:65535 allow-all

Add Public Key to Nova

Run this on the corresponding node.

openstack keypair create --public-key ~/.ssh/id_rsa.pub openstack-node-key

Create Default Flavor

openstack flavor create --id 1 --ram 512 --disk 1 --vcpus 1 tiny
openstack flavor create --id 2 --ram 1024 --disk 10 --vcpus 1 mini
openstack flavor create --id 3 --ram 2048 --disk 20 --vcpus 1 small
openstack flavor create --id 4 --ram 4096 --disk 40 --vcpus 2 medium
openstack flavor create --id 5 --ram 8192 --disk 80 --vcpus 4 large
openstack flavor create --id 6 --ram 16384 --disk 160 --vcpus 8 xlarge

Create Glance Images

mkdir /root/images
cd /root/images

Cirros

Download and Create Glance Image for Cirros

wget https://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img

openstack image create \
  --public \
  --container-format bare \
  --disk-format qcow2 \
  --property os_type=linux \
  --file /root/images/cirros-0.6.2-x86_64-disk.img \
  Cirros-0.6.2

Ubuntu 22.04

Download and Create Glance Image for Ubuntu 22.04

wget http://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img

openstack image create \
  --public \
  --container-format bare \
  --disk-format qcow2 \
  --property os_type=linux \
  --file /root/images/jammy-server-cloudimg-amd64.img \
  Ubuntu-22.04
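
The Ubuntu image above is fetched over plain HTTP, so nothing authenticates the file before it becomes a public Glance image. The following is an added example, not part of the original post, that refuses the upload unless the image matches a SHA256SUMS file; it assumes such a file (in sha256sum format) was fetched over HTTPS from the same download directory, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): verify a downloaded cloud image
# against a SHA256SUMS file before uploading it to Glance.

# verify_image IMAGE SUMS_FILE
# Returns 0 on match, 1 on mismatch, 2 if IMAGE has no entry in SUMS_FILE.
verify_image() {
    local image="$1" sums="$2" name expected actual
    name="$(basename "$image")"
    # sha256sum lines look like "<hex>  <name>" or "<hex> *<name>" (binary mode).
    # File names are assumed to contain no whitespace.
    expected="$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f); if (f == n) { print tolower($1); exit } }
    ' "$sums")"
    if [ -z "$expected" ]; then
        echo "no checksum entry for $name in $sums" >&2
        return 2
    fi
    actual="$(sha256sum "$image" | awk '{ print $1 }')"
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name" >&2
        return 1
    fi
    echo "OK $name $actual"
}

# upload_if_verified IMAGE SUMS_FILE GLANCE_NAME
# Runs the page's "openstack image create" only after the checksum matches.
upload_if_verified() {
    verify_image "$1" "$2" || return $?
    openstack image create --public --container-format bare --disk-format qcow2 \
        --property os_type=linux --file "$1" "$3"
}

# Usage, with the file names from this page:
#   upload_if_verified /root/images/jammy-server-cloudimg-amd64.img \
#       /root/images/SHA256SUMS Ubuntu-22.04
```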

List Openstack Images

openstack image list

Deploy VM tester to Openstack

Create VM

openstack server create \
--image Cirros-0.6.2 \
--flavor tiny \
--key-name openstack-node-key \
--network internal-net \
--security-group allow-all \
demo-cirros

Add Floating IP to VM

openstack floating ip create --floating-ip-address 10.0.0.123 public-net
openstack server add floating ip demo-cirros 10.0.0.123

Access VM

ping 10.0.0.123
ssh cirros@10.0.0.123

Login to Openstack Horizon

Get admin password

grep keystone_admin_password /etc/kolla/passwords.yml

Open https://aio.openstack.lab and log in with username admin and the keystone_admin_password value as the password.

This post is licensed under CC BY 4.0 by the author.