Openstack Installation TTNN » Historique » Version 27
Mehdi Abaakouk, 06/08/2014 13:51
1 | 1 | Mehdi Abaakouk | h1. Openstack Installation TTNN |
---|---|---|---|
2 | 1 | Mehdi Abaakouk | |
3 | 3 | Mehdi Abaakouk | h2. Pending upstream fixes: |
4 | 3 | Mehdi Abaakouk | |
5 | 1 | Mehdi Abaakouk | * build-debian-openstack-images, changes should be in next package version: |
6 | 1 | Mehdi Abaakouk | ** Fix extlinux installation on jessie: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=1a4ddceb99fb66f42f79e87a183d8e96952e5ac3 |
7 | 1 | Mehdi Abaakouk | ** Fix cloud-init setup with configdrive: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=15cce87e2fa15b8952d69fb58711bfa88b21ef87 |
8 | 15 | Mehdi Abaakouk | ** Use Configdrive first for cloud-init: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=1b1e1093d5ee525426382ad29b8219ab58f6656d |
9 | 1 | Mehdi Abaakouk | |
10 | 1 | Mehdi Abaakouk | * nova: |
11 | 15 | Mehdi Abaakouk | ** Fix live-migration avec ceph and configdrive:: https://review.openstack.org/#/c/112014/, si la solution est mergé upstream, j'appliquerai le patch au package debian |
12 | 1 | Mehdi Abaakouk | |
13 | 4 | Mehdi Abaakouk | h2. Installation |
14 | 4 | Mehdi Abaakouk | |
15 | 4 | Mehdi Abaakouk | Le setup installé est composé de : |
16 | 4 | Mehdi Abaakouk | |
17 | 4 | Mehdi Abaakouk | * 3 hyperviseurs (compute node) qui contiendront 1 ceph-mon, N ceph-osd, nova-compute (qui lance les VM), neutron-openvswitch-agent (qui configure le réseau des vms) |
18 | 4 | Mehdi Abaakouk | * 1 VM (controler node), qui contient tous les services de management d'openstack (nova, cinder, glance, neutron) |
19 | 4 | Mehdi Abaakouk | |
20 | 4 | Mehdi Abaakouk | Les étapes d'installation sont les suivantes: |
21 | 4 | Mehdi Abaakouk | * Préparation manuelle de la VM de management sur un des hyperviseurs |
22 | 4 | Mehdi Abaakouk | * Installation de ceph et openstack sur toutes les machines avec puppet |
23 | 4 | Mehdi Abaakouk | * Déplacement de la VM de management d'openstack dans openstack. |
24 | 4 | Mehdi Abaakouk | |
25 | 4 | Mehdi Abaakouk | h3. Preparation de la VM de management, le controlleur |
26 | 4 | Mehdi Abaakouk | |
27 | 6 | Mehdi Abaakouk | h4. Installation des prérequis |
28 | 4 | Mehdi Abaakouk | |
29 | 4 | Mehdi Abaakouk | <pre> |
30 | 4 | Mehdi Abaakouk | $ apt-get install libvirt-bin openstack-debian-images openvswitch-switch openvswitch-datapath-dkms virtinst |
31 | 4 | Mehdi Abaakouk | #NOTE(sileht): temporairement appliquer les patches de au-dessus à openstack-debian-images |
32 | 4 | Mehdi Abaakouk | </pre> |
33 | 4 | Mehdi Abaakouk | |
34 | 6 | Mehdi Abaakouk | h4. Preparation de l'image de la VM |
35 | 1 | Mehdi Abaakouk | |
36 | 1 | Mehdi Abaakouk | <pre> |
37 | 6 | Mehdi Abaakouk | $ vim hook.sh |
38 | 17 | Mehdi Abaakouk | set -xv |
39 | 16 | Mehdi Abaakouk | |
40 | 1 | Mehdi Abaakouk | echo "openstack" > $BODI_CHROOT_PATH/etc/hostname |
41 | 20 | Mehdi Abaakouk | |
42 | 16 | Mehdi Abaakouk | cat > $BODI_CHROOT_PATH/etc/resolv.conf <<EOF |
43 | 16 | Mehdi Abaakouk | domain tetaneutral.net |
44 | 16 | Mehdi Abaakouk | search tetaneutral.net |
45 | 16 | Mehdi Abaakouk | nameserver 8.8.8.8 |
46 | 1 | Mehdi Abaakouk | EOF |
47 | 20 | Mehdi Abaakouk | |
48 | 6 | Mehdi Abaakouk | cat > $BODI_CHROOT_PATH/etc/network/interfaces <<EOF |
49 | 6 | Mehdi Abaakouk | auto lo |
50 | 6 | Mehdi Abaakouk | iface lo inet loopback |
51 | 1 | Mehdi Abaakouk | auto eth0 |
52 | 6 | Mehdi Abaakouk | iface eth0 inet manual |
53 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.accept_ra=0 |
54 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.autoconf=0 |
55 | 1 | Mehdi Abaakouk | up ip link set eth0 up |
56 | 1 | Mehdi Abaakouk | up ip addr add 89.234.156.249/32 dev eth0 |
57 | 20 | Mehdi Abaakouk | up ip route add 91.224.148.0/32 dev eth0 |
58 | 20 | Mehdi Abaakouk | up ip route add default via 91.224.148.0 |
59 | 20 | Mehdi Abaakouk | |
60 | 20 | Mehdi Abaakouk | iface eth0 inet6 static |
61 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.accept_ra=0 |
62 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.autoconf=0 |
63 | 20 | Mehdi Abaakouk | address 2a01:6600:8083:f900::1 |
64 | 20 | Mehdi Abaakouk | netmask 56 |
65 | 25 | Mehdi Abaakouk | gateway fe80::42 |
66 | 6 | Mehdi Abaakouk | EOF |
67 | 20 | Mehdi Abaakouk | |
68 | 1 | Mehdi Abaakouk | mkdir -p $BODI_CHROOT_PATH/root/.ssh |
69 | 6 | Mehdi Abaakouk | chmod 600 $BODI_CHROOT_PATH/root/.ssh |
70 | 4 | Mehdi Abaakouk | cat >> $BODI_CHROOT_PATH/root/.ssh/authorized_keys <<EOF |
71 | 1 | Mehdi Abaakouk | ssh-dss AAAAB3NzaC1kc3MAAACBAJtnGLvuz4uVD6fnERDxDi/C0UyzwCiKmgNtEessopREYasAX4Gu6Fg10jAyIL5Nuc7YDnqj//pOfxNjD7hp99a2ZmkRQgh/ltClxYML9fqhBHgsUCpVse9nOYDHDnDgvXIPRSDUHat2UFpdchHVrFURNLIlZnBztsr+GCDURTV/AAAAFQD9SrBcH49ltaKOm6V5ssCPmgs1SwAAAIAbAvkQ3/tMzzdACO5B9s5Yb3ZuM7XImm0iqufivVf2Xy39g8HOBulUsN7eKEGPhVriqNolgIO7q7tVgYAff4/NE4yDP0Kp0SPg4tjt2yFJuL31Y3wzwHjnKrjgNlDSLl3uZnRXSipwUMwGKbdHB6NZSqlq192VKbHilQ00pbiMlAAAAIB5dfB1lVHkJ0o5CcaVQRPbca9DvbbRwnoTSmKHc5DUcqsPqDhS07CkM9ZcJuY1Nh4wGl4Q9kArj7Tnsvvygf/HReSUcIk4+nbDytJ8/pca/Qx4fzQQyppa94TylN62LSFT6MIJKLoMwYa0dQURT7Mv5+9Qj2vk5pZ38w2iQ9zVCg== root@h1 |
72 | 4 | Mehdi Abaakouk | EOF |
73 | 10 | Mehdi Abaakouk | |
74 | 16 | Mehdi Abaakouk | sed -i -e 's/^.*Port.*$/Port 2222/' -e 's/^[# ]*PasswordAuthentication.*$/PasswordAuthentication no/' $BODI_CHROOT_PATH/etc/ssh/sshd_config |
75 | 16 | Mehdi Abaakouk | chroot $BODI_CHROOT_PATH dpkg-reconfigure openssh-server |
76 | 20 | Mehdi Abaakouk | chroot $BODI_CHROOT_PATH apt-get purge -y cloud-init* |
77 | 1 | Mehdi Abaakouk | </pre> |
78 | 7 | Mehdi Abaakouk | |
79 | 4 | Mehdi Abaakouk | <pre> |
80 | 21 | Mehdi Abaakouk | $ chmod +x hook.sh |
81 | 12 | Mehdi Abaakouk | $ build-openstack-debian-image --image-size 20 --release jessie -u http://apt.tetaneutral.net/debian/ -s http://apt.tetaneutral.net/debian/ --hook-script $(pwd)/hook.sh |
82 | 4 | Mehdi Abaakouk | $ mv debian-jessie-7.0.0-3-amd64.raw /openstack.raw |
83 | 4 | Mehdi Abaakouk | $ rm debian-jessie-7.0.0-3-amd64.qcow2 |
84 | 4 | Mehdi Abaakouk | </pre> |
85 | 5 | Mehdi Abaakouk | |
86 | 13 | Mehdi Abaakouk | _note: la derniere commande lancée par le script doit être 'qemu-img convert -c -f raw .... , sinon l'image de bootera pas_ |
87 | 18 | Mehdi Abaakouk | _note(jessie): si l'erreur est celle ci-dessous, relancer manuellement 'kpartx -d debian-jessie-7.0.0-3-amd64.raw' jusqu'a ce que l'erreur disparaissent et le .raw est utilisable:_ |
88 | 18 | Mehdi Abaakouk | <pre> |
89 | 18 | Mehdi Abaakouk | + 'kpartx -d debian-jessie-7.0.0-3-amd64.raw' |
90 | 18 | Mehdi Abaakouk | device-mapper: remove ioctl on loop0p1 failed: Device or resource busy |
91 | 18 | Mehdi Abaakouk | loop deleted : /dev/loop0 |
92 | 18 | Mehdi Abaakouk | </pre> |
93 | 11 | Mehdi Abaakouk | |
94 | 4 | Mehdi Abaakouk | On garde l'image raw qui sera importable dans ceph plus tard et on la mets à la racine pour qui l'utilisateur libvirt puisse y accéder. |
95 | 4 | Mehdi Abaakouk | |
96 | 6 | Mehdi Abaakouk | h4. Préparation du réseau |
97 | 4 | Mehdi Abaakouk | |
98 | 4 | Mehdi Abaakouk | <pre> |
99 | 4 | Mehdi Abaakouk | $ ovs-vsctl add-br br-net |
100 | 4 | Mehdi Abaakouk | $ ip link set br-net up |
101 | 4 | Mehdi Abaakouk | $ ovs-vsctl br-set-external-id br-net bridge-id br-net |
102 | 8 | Mehdi Abaakouk | $ ip route add 89.234.156.249/32 dev br-net proto 42 |
103 | 23 | Mehdi Abaakouk | $ ip -6 route add 2a01:6600:8083:f900::/56 dev br-net proto42 |
104 | 4 | Mehdi Abaakouk | </pre> |
105 | 5 | Mehdi Abaakouk | |
106 | 6 | Mehdi Abaakouk | h4. Installation de la VM |
107 | 4 | Mehdi Abaakouk | |
108 | 4 | Mehdi Abaakouk | <pre> |
109 | 4 | Mehdi Abaakouk | $ virt-install --name openstack --ram 2048 --network bridge=br-net --nographics --serial pty --wait -1 --noreboot --autostart --disk /openstack.raw,bus=virtio,cache=none,io=native --import |
110 | 4 | Mehdi Abaakouk | $ EDITOR="sed -i -e \"s,<source bridge='br-net'/>,<source bridge='br-net'/><virtualport type='openvswitch' />,g\"" virsh edit openstack # Openvswitch is not yet supported by virt-install |
111 | 4 | Mehdi Abaakouk | $ virsh start openstack |
112 | 19 | Mehdi Abaakouk | $ ssh root@openstack.tetaneutral.net -p 2222 |
113 | 19 | Mehdi Abaakouk | </pre> |
114 | 19 | Mehdi Abaakouk | |
115 | 19 | Mehdi Abaakouk | Une fois connecté à la VM: |
116 | 19 | Mehdi Abaakouk | |
117 | 19 | Mehdi Abaakouk | <pre> |
118 | 19 | Mehdi Abaakouk | $ apt-get install puppet |
119 | 19 | Mehdi Abaakouk | $ puppet agent --enable |
120 | 24 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
121 | 24 | Mehdi Abaakouk | Info: Caching certificate for ca |
122 | 24 | Mehdi Abaakouk | Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml |
123 | 24 | Mehdi Abaakouk | Info: Creating a new SSL certificate request for openstack.tetaneutral.net |
124 | 24 | Mehdi Abaakouk | Info: Certificate Request fingerprint (SHA256): AE:72:47:40:A0:E2:F4:59:BA:39:FA:3D:C2:A7:C9:1B:9F:87:A5:B7:65:3A:F9:D4:DE:AF:E2:A3:02:41:0F:2E |
125 | 24 | Mehdi Abaakouk | Info: Caching certificate for ca |
126 | 24 | Mehdi Abaakouk | Exiting; no certificate found and waitforcert is disabled |
127 | 19 | Mehdi Abaakouk | </pre> |
128 | 19 | Mehdi Abaakouk | |
129 | 19 | Mehdi Abaakouk | Sur le puppetmaster: |
130 | 19 | Mehdi Abaakouk | |
131 | 19 | Mehdi Abaakouk | <pre> |
132 | 1 | Mehdi Abaakouk | $ puppet ca sign openstack.tetaneutral.net |
133 | 22 | Mehdi Abaakouk | </pre> |
134 | 19 | Mehdi Abaakouk | _Note: si un vieux cert existe: puppet node clean openstack.tetaneutral.net _ |
135 | 19 | Mehdi Abaakouk | |
136 | 1 | Mehdi Abaakouk | De nouveau sur la VM: |
137 | 19 | Mehdi Abaakouk | |
138 | 19 | Mehdi Abaakouk | <pre> |
139 | 24 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
140 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
141 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
142 | 4 | Mehdi Abaakouk | </pre> |
143 | 26 | Mehdi Abaakouk | |
144 | 27 | Mehdi Abaakouk | Il ne doit plus y avoir d'erreur la 3° fois. |
145 | 27 | Mehdi Abaakouk | |
146 | 26 | Mehdi Abaakouk | _note: Un paquet est manquant en ce moment (06/08/2014) dans jessie 'nullmailer', pour l'installer manuellement:_ |
147 | 26 | Mehdi Abaakouk | <pre> |
148 | 26 | Mehdi Abaakouk | wget http://ftp.fr.debian.org/debian/pool/main/n/nullmailer/nullmailer_1.11-2.1_amd64.deb |
149 | 26 | Mehdi Abaakouk | apt-get purge exim4-base exim4-config exim4-daemon-light |
150 | 26 | Mehdi Abaakouk | dpkg -i nullmailer_1.11-2.1_amd64.deb # Répondre n'importe quoi, ca sera ecrasé par puppet |
151 | 26 | Mehdi Abaakouk | apt-get install bsd-mailx |
152 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
153 | 26 | Mehdi Abaakouk | </pre> |
154 | 4 | Mehdi Abaakouk | |
155 | 4 | Mehdi Abaakouk | h2. Management d'openstack |
156 | 4 | Mehdi Abaakouk | |
157 | 3 | Mehdi Abaakouk | h3. Build and upload debian image: |
158 | 3 | Mehdi Abaakouk | |
159 | 3 | Mehdi Abaakouk | <pre> |
160 | 3 | Mehdi Abaakouk | $ apt-get install openstack-debian-images |
161 | 3 | Mehdi Abaakouk | #NOTE(sileht): temporairement appliquer les patches de au-dessus |
162 | 3 | Mehdi Abaakouk | $ build-openstack-debian-image -m -r jessie -u http://apt.tetaneutral.net/debian/ -s http://apt.tetaneutral.net/debian/ |
163 | 3 | Mehdi Abaakouk | $ glance image-create --file debian-jessie-7.0.0-3-amd64.raw --is-public True --human-readable --progress --disk-format raw --container-format bare --name debian-jessie-amd64 |
164 | 1 | Mehdi Abaakouk | </pre> |