OpenStack is the premier open source alternative to Amazon AWS cloud infrastructure. This post goes over installing its most critical services on a single machine, then spinning up a VM inside it and exposing that VM to the rest of your network. You wouldn't want to run like this in production, but it's good for learning or home lab use.
Do a fresh CentOS 7 minimal install on physical hardware. Assign a static IP during the install. Then do the config and install.
```
yum -y update
yum install -y centos-release-openstack-newton
yum -y update
yum install -y openstack-packstack vim wget
systemctl disable firewalld
systemctl stop firewalld
systemctl disable NetworkManager
systemctl stop NetworkManager
systemctl enable network
systemctl start network
packstack --gen-answer-file=answers.txt
vim answers.txt
```

```
#vms in my lab are small and throw away. no fancy data storage needed.
CONFIG_CINDER_INSTALL=n
CONFIG_SWIFT_INSTALL=n
CONFIG_MANILA_INSTALL=n

#my hardware is crap. I'd rather not see charts and monitor usage and stuff than spend cycles doing that.
CONFIG_CEILOMETER_INSTALL=n
CONFIG_AODH_INSTALL=n
CONFIG_GNOCCHI_INSTALL=n
CONFIG_NAGIOS_INSTALL=n

#run lots of vms on crap hardware
CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=20
CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=20

#make sure networking looks like so if you want your normal network to be able to reach the VMs
CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex
#use your ethernet adapter device
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:enp3s0

#don't need orchestration, demo data, hadoop, DB as a service, bare metal management, or fancy load balancers
CONFIG_HEAT_CFN_INSTALL=n
CONFIG_HEAT_CLOUDWATCH_INSTALL=n
CONFIG_PROVISION_DEMO=n
CONFIG_SAHARA_INSTALL=n
CONFIG_TROVE_INSTALL=n
CONFIG_IRONIC_INSTALL=n
CONFIG_LBAAS_INSTALL=n
```

```
[root@openstack ~]# packstack --answer-file=answers.txt
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron LBaaS Agent entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.1.66_controller.pp
192.168.1.66_controller.pp: [ DONE ]
Applying 192.168.1.66_network.pp
192.168.1.66_network.pp: [ DONE ]
Applying 192.168.1.66_compute.pp
192.168.1.66_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]

**** Installation completed successfully ******
```
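The answer-file edits above can also be applied non-interactively, so the install is repeatable and a key missing from the generated file is reported instead of silently skipped. This is an added example, not part of the original post; the function names `set_answer` and `apply_lab_overrides` are made up here, and it assumes GNU sed as shipped with CentOS 7.

```shell
#!/bin/sh
# Added example (not from the original post): apply this post's overrides to a
# packstack answer file with sed instead of editing it by hand in vim.

# set_answer FILE KEY VALUE
# Rewrites the existing "KEY=..." line. Returns 1 if the key is not present,
# so a typo or a key absent from this packstack release does not go unnoticed.
# VALUE must not contain '|' or '&' (none of the values below do).
set_answer() {
    if ! grep -q "^$2=" "$1"; then
        echo "missing key: $2" >&2
        return 1
    fi
    sed -i "s|^$2=.*|$2=$3|" "$1"
}

# apply_lab_overrides FILE IFACE
# IFACE is the physical NIC attached to br-ex (enp3s0 in the post).
# Returns non-zero if any key could not be set.
apply_lab_overrides() {
    rc=0
    for kv in \
        CONFIG_CINDER_INSTALL=n CONFIG_SWIFT_INSTALL=n CONFIG_MANILA_INSTALL=n \
        CONFIG_CEILOMETER_INSTALL=n CONFIG_AODH_INSTALL=n \
        CONFIG_GNOCCHI_INSTALL=n CONFIG_NAGIOS_INSTALL=n \
        CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=20 CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=20 \
        CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex \
        CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat \
        CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex \
        "CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:$2" \
        CONFIG_HEAT_CFN_INSTALL=n CONFIG_HEAT_CLOUDWATCH_INSTALL=n \
        CONFIG_PROVISION_DEMO=n CONFIG_SAHARA_INSTALL=n CONFIG_TROVE_INSTALL=n \
        CONFIG_IRONIC_INSTALL=n CONFIG_LBAAS_INSTALL=n
    do
        # Split "KEY=VALUE" at the first '=' and rewrite that line.
        set_answer "$1" "${kv%%=*}" "${kv#*=}" || rc=1
    done
    # The answer file also holds generated service passwords; keep it private.
    chmod 600 "$1"
    return "$rc"
}

# On the install host: apply_lab_overrides answers.txt enp3s0
```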
Now let's create the "external" network and give it an IP range to use. The IP range should be a small set of unused IPs in your real LAN network, preferably outside of your DHCP range. This allows OpenStack to assign a floating IP to a VM, and then that VM will be accessible to the rest of your network.

```
. keystonerc_admin
neutron net-create external_network --provider:network_type flat --provider:physical_network extnet --router:external
#update the IPs to your environment
neutron subnet-create --name public_subnet --enable_dhcp=False --allocation-pool=start=192.168.1.70,end=192.168.1.80 --gateway=192.168.1.1 --dns-nameserver=192.168.1.1 external_network 192.168.1.0/24
```
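Before running `neutron subnet-create`, the allocation pool can be checked against the rule above: inside the LAN subnet and clear of the DHCP range. This is an added example, not part of the original post; `ip2int` and `check_pool` are names made up here, and the DHCP range in the usage comment is a constructed value to replace with your router's.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a floating IP pool.

# ip2int A.B.C.D -> prints the address as an integer.
# The body runs in a subshell so changing IFS does not leak to the caller.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# check_pool CIDR POOL_START POOL_END DHCP_START DHCP_END
# Prints "ok" or the first problem found; returns non-zero on a problem.
check_pool() {
    bits=${1#*/}
    size=$(( 1 << (32 - bits) ))
    # Mask the address so a non-aligned CIDR such as 192.168.1.5/24 still works.
    net=$(( $(ip2int "${1%/*}") & ~(size - 1) ))
    first=$(( net + 1 ))            # skip the network address
    last=$(( net + size - 2 ))      # skip the broadcast address
    ps=$(ip2int "$2"); pe=$(ip2int "$3")
    ds=$(ip2int "$4"); de=$(ip2int "$5")

    if [ "$ps" -gt "$pe" ]; then
        echo "pool start is after pool end"; return 1
    fi
    if [ "$ps" -lt "$first" ] || [ "$pe" -gt "$last" ]; then
        echo "pool is outside $1"; return 1
    fi
    # Two ranges overlap when each one starts before the other ends.
    if [ "$ps" -le "$de" ] && [ "$pe" -ge "$ds" ]; then
        echo "pool overlaps the DHCP range"; return 1
    fi
    echo ok
}

# The post's pool against a constructed DHCP range of .100 to .200:
#   check_pool 192.168.1.0/24 192.168.1.70 192.168.1.80 192.168.1.100 192.168.1.200
```

The check cannot tell whether an address in the pool is already statically assigned to another host, so that still has to be confirmed on the LAN itself.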
Now let's download a VM hard disk image we can use. See http://docs.openstack.org/image-guide/obtain-images.html

```
wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1701.qcow2
glance image-create --name=centos7 --visibility=public --disk-format=qcow2 --container-format=bare --file=CentOS-7-x86_64-GenericCloud-1701.qcow2 --progress
```
Now we need a user.

```
openstack project create --enable internal
#use your info
openstack user create --project internal --password test1234 --email dustin@localhost --enable dustin
cp keystonerc_admin keystonerc_dustin
vim keystonerc_dustin
```

```
unset OS_SERVICE_TOKEN
export OS_USERNAME=dustin
export OS_PASSWORD=test1234
export OS_AUTH_URL=http://192.168.1.66:5000/v2.0
export PS1='[\u@\h \W(keystone_dustin)]\$ '
export OS_TENANT_NAME=internal
export OS_REGION_NAME=RegionOne
```

```
. keystonerc_dustin
```
Finally, the new user/tenant needs a private subnet and the ability to route out to the internet. The private subnet should not already be in use on your LAN.

```
neutron router-create router1
neutron router-gateway-set router1 external_network
neutron net-create private_network
neutron subnet-create --name private_subnet --dns-nameserver=192.168.1.1 private_network 192.168.100.0/24
neutron router-interface-add router1 private_subnet
```
Before we spin up a VM, you may want to browse the web GUI as an admin to see everything you can do.

`cat keystonerc_admin` and grab the OS_PASSWORD value.
http://192.168.1.66 > admin / password from before.

Alright. Now that you've seen the GUI with all the options, log out and log back in as your regular user. That is dustin/test1234 based on my example.
Before we launch that VM, we need to configure a security group to allow SSH, upload our SSH key, and allocate a floating IP for it to use.

```
Project > Compute > Access & Security > Security Groups > default > Manage Rules > Add Rule > Rule > SSH > Add

#on your client machine. do a ssh-keygen first if necessary
cat ~/.ssh/id_rsa.pub

Project > Compute > Access & Security > Key Pairs > Import Key Pair > Name: Me > Public Key: data from cat above > Import Key Pair

Project > Compute > Access & Security > Floating IPs > Allocate IP to Project > Allocate IP
```
Now let's launch the VM, give it a "public" IP and SSH into it.

```
Project > Compute > Instances > Launch Instance
name: testvm
source > centos7 > +
flavor > m1.small > +
Make sure security groups has default
Make sure Key Pair has Me
Launch Instance
```

Once it's done spawning, click the dropdown > Associate Floating IP > Choose IP > Associate.

Now, on your client machine where your SSH key is:

```
ssh centos@FLOATING_IP
```

Call a `sudo yum update` to make sure all the networking is working and to update the VM.
OpenStack is insanely powerful. We haven't even scratched the surface with this stuff. Enjoy digging in and playing around with it. Once you get bored with all the installed components, go back and install some of the cool stuff I specifically disabled because of my needs, and play with those as well.