Minimal OpenStack Starting Your OpenStack Journey Sean Dague / Aug - PowerPoint PPT Presentation

Minimal OpenStack Starting Your OpenStack Journey Sean Dague / Aug 19 th , 2015 Twitter: @sdague Blog: dague.net

T h e M i s s i o n o f O p e n S t a c k "To produce the ubiquitous Open Source Cloud Computing platform that will meet the needs of public and private clouds regardless of size, by being simple to implement and massively scalable."

T h i n g s y o u p r o b a b l y d o n ' t n e e d i n y o u r b a s e me n t ● H ● S a d o o p a s a S e r v i c e D N I n t e g r a t i o n ● D ● P N S ma n a g e r o l i c y E n f o r c e me n t ● O ● O b j e c t s t o r a g e l a y e r r c h e s t r a t i o n L a y e r ● C ● K h a r g e b a c k u b e r n e t e s d e p l o y e r ● I n t e g r a t i o n w i t h E n t e r p r i s e S t o r a g e B u t , y o u c a n l a y e r t h e m i n l a t e r o n c e y o u h a v e a M i n i ma l O p e n S t a c k

My First OpenStack 1 Intel/AMD CPU Read OpenStack Install Guide 8 GB Ram Follow sections 2, 3, 4, 5 and 6.2 for your 250+ GB Disk favorite distro 1 Gbs Network For multiple servings follow sections 5 and 6.2 again Makes 1 compute cloud. Good for long running or ephermeral VMs. Variations: * Increase RAM for more guests 2 hrs 4

2 – 3 hours process Read Carefully! "Create Exclusive Slice"

C a v e a t o n N e t w o r k i n g N o v a N e t w o r k N e u t r o n ● O ● N r i g i n a l N e t w o r k i n g e w N e t w o r k S t a c k ● E ● M a s y t o s e t u p o r e n e t w o r k c e n t r i c A P I ● L ● A i mi t e d A P I l l o w s T e n a n t S e l f S e r v i c e N e t w o r k i n g ● L o n g T e r m D i r e c t i o n f o r O p e n S t a c k My Current Recommendation (based on Kilo documentation): Start with Nova Network to get comfortable Rebuild with Neutron later if your intent is to expand substantially Liberty documentation should make Neutron base easier to get started with

N o v a N e t w o r k M u l t i h o s t messages back and forth to prevent collisions 10.64.0.0/24 dnsmasq dnsmasq .2 .6 .5 .2 .4 .7 .1 Router Controller + Worker Worker Linux Bridge Linux Bridge

C h e a t i n g a n d S h a r i n g a n L 2 messages back and forth to prevent collisions 10.64.0.0/24 10.64.0.128/25 dnsmasq dnsmasq .129/25 .130 .131 .129/25 .132 .133 .1 Router Controller + Worker Worker Linux Bridge Linux Bridge .50/24 .51/24 Through the magic of Linux Networking

N e t w o r k i n g a t H o me

A 2 n o d e b a s e me n t c l o u d Keystone Glance Nova Nova rabbitmq /disk /disk mysql C o n t r o l l e r + Wo r k e r Wo r k e r O n l y

C o mp u t e F l o w First Boot clout-init: typically shipped in cloud images Built from disk on customizes on fjrst boot fjrst boot. Exists Flavor Base Image until destroy. Metadata Confjg Drive Persistent Disk Server Ephemeral Disk Freshly created on every boot. Like "T-Shirt Sizes" Common Actions: Each defjnes CPU, Mem, Disk, ● create/delete and other attrs of fjnal VM ● start/stop ● resize ● snapshot ● locking

O p e n S t a c k C l i e n t ● U n i f i e d o p e n s t a c k c l i ribos:~> more demo-openrc.sh export OS_PROJECT_DOMAIN_ID=default ● R e p l a c e s mo s t o f n o v a / k e y s t o n e / g l a n c e c l i u s a g e export OS_USER_DOMAIN_ID=default ● F a r mo r e c o n s i s t e n t i n e x p e r i e n c e export OS_PROJECT_NAME=demo export OS_TENANT_NAME=demo ● I n s t a l l a b l e v i a a p t / y u m/ p i p export OS_USERNAME=demo export OS_PASSWORD=0penstack ● P export OS_AUTH_URL=http://10.42.0.51:5000/v3 u t i t o n y o u r l a p t o p export OS_REGION_NAME=RegionOne ● A c c e s s a n y O p e n S t a c k v i a s e t t i n g e n v v a r i a b l e s

Y o u r f i r s t O p e n S t a c k > source admin-openrc.sh # credentials > openstack image create --copy-from \ https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \ --public trusty # image available to all users > source demo-openrc.sh # drop back to normal user > openstack security group rule create --proto icmp --src-ip 0.0.0.0/0 --dst-port -1 default > openstack security group rule create --proto tcp --src-ip 0.0.0.0/0 --dst-port 22 default # sshable security group out of the box > openstack keypair create –public-key .ssh/id_rsa.pub my_sshkey # add a keypair so you can ssh to servers > openstack server create --flavor m1.medium --image trusty --keypair my_sshkey \ server1 --wait # boot your first server, wait until done > ssh ubuntu@{IP} # profit!

G e t t i n g a n I ma g e User + Project + Password Keystone OpenStack Client Token POST /images Glance Token HTTP Pull

Y o u r f i r s t O p e n S t a c k > source admin-openrc.sh # credentials > openstack image create --copy-from \ https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \ --public trusty # image available to all users > source demo-openrc.sh # drop back to normal user > openstack security group rule create --proto icmp --src-ip 0.0.0.0/0 --dst-port -1 default > openstack security group rule create --proto tcp --src-ip 0.0.0.0/0 --dst-port 22 default # sshable security group out of the box > openstack keypair create –public-key .ssh/id_rsa.pub my_sshkey # add a keypair so you can ssh to servers > openstack server create --flavor m1.medium --image trusty --keypair my_sshkey \ server1 --wait # boot your first server, wait until done > ssh ubuntu@{IP} # profit!

S e c u r i t y G r o u p s 10.64.0.0/24 dnsmasq .2 .6 .5 Default host level fjrewall preventing all inbound .1 Router Controller + Worker Linux Bridge

Y o u r f i r s t O p e n S t a c k > source admin-openrc.sh # credentials > openstack image create --copy-from \ https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \ --public trusty # image available to all users > source demo-openrc.sh # drop back to normal user > openstack security group rule create --proto icmp --src-ip 0.0.0.0/0 --dst-port -1 default > openstack security group rule create --proto tcp --src-ip 0.0.0.0/0 --dst-port 22 default # sshable security group out of the box > openstack keypair create –public-key .ssh/id_rsa.pub my_sshkey # add a keypair so you can ssh to servers > openstack server create --flavor m1.medium --image trusty --keypair my_sshkey \ server1 --wait # boot your first server, wait until done > ssh ubuntu@{IP} # profit!

B o o t i n g a S e r v e r User + Project + Password Keystone OpenStack Client Token POST /servers Nova API Nova Conductor Nova Sched Token Glance Nova Compute HTTP Pull your compute! libvirt

U s e r O r g a n i z a t i o n i n O p e n S t a c k *Project == Tenant Domain 2 Domain 1 Projects: contain quota ● Tenant 1 Project 1 Project 2 10 vcpu Roles 8 GB mem 10 vcpu 24 GB mem 30 vcpu 8 GB mem 24 GB mem Users: credentials ● Domains: … you don't need those in your basement

B u t I d o n ' t l i k e t h e c o mma n d l i n e ! ● N o p r o b l e m! ● S e t t i n g u p H o r i z o n i s S e c t i o n 7 ● E a s y t o u s e We b U I

1