Install OpenStack Victoria on CentOS 8 With Packstack

Posted on 115 views

OpenStack is a widely deployed cloud operating system for controlling small to large pools of compute servers, storage, and networking resources throughout datacenter / multiple datacenters.

OpenStack comes with a dashboard (Horizon) that gives administrators control of the systems while empowering end users and tenants to provision resources through a web interface. Command line interface and REST API is also available for management and resources provisioning.

The most recent release of OpenStack as of this article writing is Victoria, which is the 22nd release of OpenStack. In the Victoria release there are outstanding new features and improvements. Improvements on integration with Kubernetes, advanced support for FPGAs and solutions for complex networking issues is addressed as well. This guide will walk you through the complete installation of OpenStack Victoria on CentOS 8 using Packstack.

Install OpenStack Victoria on CentOS 8 With Packstack

Packstack is command line utility that uses Puppet modules to deploy various parts of OpenStack on multiple pre-installed servers over SSH automatically. Currently it only supports deployment on CentOS, Red Hat Enterprise Linux (RHEL) and compatible derivatives of both are supported.

I’ll be performing the installation on a server with the following hardware.

CPU: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz (12 Cores)
Memory: 128GB RAM
Disk: 2 x 1TB SSD
Network: 1Gbit
IPV4 Adresses: 1 x IPV4 + /27 Subnet (30 IPs)

The operating system installed on the server where we’re performing the deployment is CentOS 8 minimal edition.

Step 1: Set hostname, DNS and Update System

Set correct hostname for the server.

sudo hostnamectl set-hostname openstack.example.com

Ensure local name resolution is working on your server. Also consider adding an A record if you have a working DNS server in your infrastructure.

$ sudo vi /etc/hosts
192.168.10.11 openstack.example.com

Then Update system to ensure all packages are latest.

sudo dnf update -y

Reboot the system once it has been upgraded.

sudo reboot

Step 2: Enable repositories, disable NetworkManager

Enable the repositories that will be required to install OpenStack packages on a CentOS 8 server.

sudo dnf config-manager --enable powertools

On CentOS 8 network-scripts is deprecated and not installed by default. You need to install it manually.

sudo dnf -y install network-scripts
readlink $(readlink $(which ifup))
sudo touch /etc/sysconfig/disable-deprecation-warnings

Disable NetworkManager and Firewalld services then enable network service.

sudo systemctl disable --now NetworkManager
sudo systemctl enable network
sudo systemctl start  network

Ensure you’re using Static IP settings to avoid losing network disconnection. See below example

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eno1
DEVICE=eno1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.10.11
NETMASK=255.255.255.0
GATEWAY=192.168.10.254
IPV6INIT=no

If Firewalld service is running consider disabling it for ease of configurations.

sudo systemctl disable --now firewalld

Reboot the system to confirm networking is working.

sudo reboot

Step 3: Add OpenStack Victoria repository

Check available centos-release-openstack package releases using the following commands.

$ sudo dnf search centos-release-openstack
Last metadata expiration check: 8 days, 5:35:00 ago on Mon 29 Aug 2022 07:51:21 AM UTC.
=============================================================================== Name Matched: centos-release-openstack ===============================================================================
centos-release-openstack-train.noarch : OpenStack from the CentOS Cloud SIG repo configs
centos-release-openstack-ussuri.noarch : OpenStack from the CentOS Cloud SIG repo configs
centos-release-openstack-victoria.noarch : OpenStack from the CentOS Cloud SIG repo configs
centos-release-openstack-wallaby.noarch : OpenStack from the CentOS Cloud SIG repo configs
centos-release-openstack-xena.noarch : OpenStack from the CentOS Cloud SIG repo configs
centos-release-openstack-yoga.noarch : OpenStack from the CentOS Cloud SIG repo configs

I’ll install Victoria release repository package

sudo dnf -y install centos-release-openstack-yoga

Update all current OS system packages to ensure in sync.

sudo dnf update -y

Reboot the system after the upgrade:

sudo reboot

Step 4: Install Packstack and generate answers file

Install packstack which is provided by openstack-packstack package.

sudo dnf install -y openstack-packstack

Confirm successful installation by querying for the version.

$ packstack --version
packstack 20.0.0

Command options:

$ packstack --help

Generate answers file which defines variables that modifies installation of OpenStack services.

$ sudo packstack --os-neutron-ml2-tenant-network-types=vxlan \
--os-neutron-l2-agent=openvswitch \
--os-neutron-ml2-type-drivers=vxlan,flat \
--os-neutron-ml2-mechanism-drivers=openvswitch \
--keystone-admin-passwd= \
--nova-libvirt-virt-type=kvm \
--provision-demo=n \
--cinder-volumes-create=n \
--os-heat-install=y \
--os-swift-storage-size=10G \
--gen-answer-file /root/answers.txt

Set the Keystone / admin user password --keystone-admin-passwd. If you don’t have extra storage for Cinder you can use loop device for volume group by cinder-volumes-create=y but performance will not be good. Above are the standard settings but you can pass as many options as it suites your desired deployment.

You can modify the answers file generated to add more options.

sudo vi /root/answers.txt

Step 5: Install OpenStack Victoria on CentOS 8 With Packstack

If satisfied with the contents in the answers file initiate deployment of OpenStack Victoria on CentOS 8 With Packstack:

#Disable the demo provisioning
sudo packstack --allinone --provision-demo=n

# With Demo
sudo packstack --allinone

# With answers file
sudo packstack --answer-file /root/answers.txt --timeout=3000

Installation process should be started and may take some time to complete:

....
Gathering ssh host keys for Nova migration           [ DONE ]
Preparing Nova Compute entries                       [ DONE ]
Preparing Nova Scheduler entries                     [ DONE ]
Preparing Nova VNC Proxy entries                     [ DONE ]
Preparing OpenStack Network-related Nova entries     [ DONE ]
Preparing Nova Common entries                        [ DONE ]
Preparing Neutron API entries                        [ DONE ]
Preparing Neutron L3 entries                         [ DONE ]
Preparing Neutron L2 Agent entries                   [ DONE ]
Preparing Neutron DHCP Agent entries                 [ DONE ]
Preparing Neutron Metering Agent entries             [ DONE ]
Checking if NetworkManager is enabled and running    [ DONE ]
Preparing OpenStack Client entries                   [ DONE ]
Preparing Horizon entries                            [ DONE ]
Preparing Swift builder entries                      [ DONE ]
Preparing Swift proxy entries                        [ DONE ]
Preparing Swift storage entries                      [ DONE ]
Preparing Heat entries                               [ DONE ]
Preparing Heat CloudFormation API entries            [ DONE ]
Preparing Gnocchi entries                            [ DONE ]
Preparing Redis entries                              [ DONE ]
Preparing Ceilometer entries                         [ DONE ]
Preparing Aodh entries                               [ DONE ]
Preparing Puppet manifests                           [ DONE ]
Copying Puppet modules and manifests                 [ DONE ]
Applying 192.168.10.11_controller.pp
192.168.10.11_controller.pp:                         [ DONE ]
Applying 192.168.10.11_network.pp
192.168.10.11_network.pp:                            [ DONE ]
Applying 192.168.10.11_compute.pp
192.168.10.11_compute.pp:                            [ DONE ]
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * File /root/keystonerc_admin has been created on OpenStack client host 192.168.10.11. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://192.168.10.11/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * The installation log file is available at: /var/tmp/packstack/20201216-023529-0df1tgus/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20201216-023529-0df1tgus/manifests

You can now source the keystone admin profile in your terminal session.

source ~/keystonerc_admin

Check if you can call the openstack CLI to interact with OpenStack services.

$ openstack service list
+----------------------------------+------------+----------------+
| ID                               | Name       | Type           |
+----------------------------------+------------+----------------+
| 016e1a0f299e4188a4ff2f0951041890 | swift      | object-store   |
| 02b03ebfe32a48a8ba1b4eb886fea509 | cinderv2   | volumev2       |
| 0ee374b1619e44dd8c3f1f8c8792b08b | nova       | compute        |
| 4eddc25d9c6c42c29ed4aaf3a690e073 | aodh       | alarming       |
| 51ec76355583449aac07c7570750bfda | heat       | orchestration  |
| 75797c5e394f419f9de85e8f424914fa | neutron    | network        |
| 75e2d698d2114d028769621995232a35 | glance     | image          |
| 84da19176cb84382a7a87d9461ab926e | placement  | placement      |
| 8d228baf96b24d97934d1f722337f0ee | heat-cfn   | cloudformation |
| 9e944a5b9a3d474ebc60fd85f0c080bd | cinderv3   | volumev3       |
| 9e9507529ec4454daebeb30183a06d16 | gnocchi    | metric         |
| bf915960baff410db3583cc66ee55daa | keystone   | identity       |
| fbb3e1eb3d6b489386648476e1c55877 | ceilometer | metering       |
+----------------------------------+------------+----------------+

To login to Horizon Dashboard I’ll use the URL: http://192.168.10.11/dashboard

install-openstack-centos-8-01-1024x559

Step 6: Configure Neutron Networking

Migrate your primary interface network configurations to a bridge. These are the updated network configurations on my server.

$ sudo  vi /etc/sysconfig/network-scripts/ifcfg-eno1
DEVICE=eno1
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=192.168.10.11
NETMASK=255.255.255.0
GATEWAY=192.168.10.254

Create OVS bridge and add the interface.

sudo ovs-vsctl add-port br-ex eno1

Restart network service for the updates to be effected.

sudo systemctl restart network.service

Confirm IP address information.

$ ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno1:  mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
    link/ether b4:2e:99:47:f1:df brd ff:ff:ff:ff:ff:ff
       valid_lft forever preferred_lft forever
3: ovs-system:  mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether f2:1d:71:2b:ab:66 brd ff:ff:ff:ff:ff:ff
4: br-ex:  mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether b4:2e:99:47:f1:df brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.11/24 scope global br-ex
       valid_lft forever preferred_lft forever
5: br-int:  mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 5a:bc:36:f1:b8:48 brd ff:ff:ff:ff:ff:ff
6: br-tun:  mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 2a:d9:4a:b2:84:47 brd ff:ff:ff:ff:ff:ff

Create private network on OpenStack.

$ openstack network create private
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2020-12-16T17:39:11Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | 03eff42c-0b21-43e6-bbb6-164552279961 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| is_vlan_transparent       | None                                 |
| mtu                       | 1450                                 |
| name                      | private                              |
| port_security_enabled     | True                                 |
| project_id                | f9e4445b9ac14d4da47d0a0451f2e0c9     |
| provider:network_type     | vxlan                                |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 10                                   |
| qos_policy_id             | None                                 |
| revision_number           | 1                                    |
| router:external           | Internal                             |
| segments                  | None                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| updated_at                | 2020-12-16T17:39:11Z                 |
+---------------------------+--------------------------------------+

Create a subnet for the private network:

$ openstack subnet create --network private --allocation-pool \
    start=172.10.10.50,end=172.10.10.200 \
    --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4 \
    --subnet-range 172.10.10.0/24 private_subnet

+----------------------+-----------------------------------------------+
| Field                | Value                                         |
+----------------------+-----------------------------------------------+
| allocation_pools     | 172.10.10.50-172.10.10.200                    |
| cidr                 | 172.10.10.0/24                                |
| created_at           | 2020-12-16T17:40:11Z                          |
| description          |                                               |
| dns_nameservers      | 213.133.100.100, 213.133.98.98, 213.133.99.99 |
| dns_publish_fixed_ip | None                                          |
| enable_dhcp          | True                                          |
| gateway_ip           | 172.10.10.1                                   |
| host_routes          |                                               |
| id                   | bd52f697-7e61-4f70-a416-78dde193b0c2          |
| ip_version           | 4                                             |
| ipv6_address_mode    | None                                          |
| ipv6_ra_mode         | None                                          |
| name                 | private_subnet                                |
| network_id           | 03eff42c-0b21-43e6-bbb6-164552279961          |
| prefix_length        | None                                          |
| project_id           | f9e4445b9ac14d4da47d0a0451f2e0c9              |
| revision_number      | 0                                             |
| segment_id           | None                                          |
| service_types        |                                               |
| subnetpool_id        | None                                          |
| tags                 |                                               |
| updated_at           | 2020-12-16T17:40:11Z                          |
+----------------------+-----------------------------------------------+

Create public network:

$ openstack network create --provider-network-type flat \
  --provider-physical-network extnet \
  --external public

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2020-12-16T17:47:40Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | 95cbb9bc-ddcc-412f-9496-3f77dff3f030 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| is_vlan_transparent       | None                                 |
| mtu                       | 1500                                 |
| name                      | public                               |
| port_security_enabled     | True                                 |
| project_id                | f9e4445b9ac14d4da47d0a0451f2e0c9     |
| provider:network_type     | flat                                 |
| provider:physical_network | extnet                               |
| provider:segmentation_id  | None                                 |
| qos_policy_id             | None                                 |
| revision_number           | 1                                    |
| router:external           | External                             |
| segments                  | None                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| updated_at                | 2020-12-16T17:47:40Z                 |
+---------------------------+--------------------------------------+

Define subnet for the public network. It could be an actual public IP network.

$ openstack subnet create --network public --allocation-pool \
  start=192.168.10.100,end=192.168.10.200 --no-dhcp \
  --subnet-range 192.168.10.0/24 public_subnet

+----------------------+--------------------------------------+
| Field                | Value                                |
+----------------------+--------------------------------------+
| allocation_pools     | 192.168.10.100-192.168.10.200        |
| cidr                 | 192.168.10.0/24                      |
| created_at           | 2020-12-16T17:48:40Z                 |
| description          |                                      |
| dns_nameservers      |                                      |
| dns_publish_fixed_ip | None                                 |
| enable_dhcp          | False                                |
| gateway_ip           | 192.168.10.254                       |
| host_routes          |                                      |
| id                   | 0063aaf9-9e3d-4634-a4c7-ddf0e66c2b75 |
| ip_version           | 4                                    |
| ipv6_address_mode    | None                                 |
| ipv6_ra_mode         | None                                 |
| name                 | public_subnet                        |
| network_id           | 95cbb9bc-ddcc-412f-9496-3f77dff3f030 |
| prefix_length        | None                                 |
| project_id           | f9e4445b9ac14d4da47d0a0451f2e0c9     |
| revision_number      | 0                                    |
| segment_id           | None                                 |
| service_types        |                                      |
| subnetpool_id        | None                                 |
| tags                 |                                      |
| updated_at           | 2020-12-16T17:48:40Z                 |
+----------------------+--------------------------------------+

Create a router that will connect public and private subnets.

$ openstack router create private_router
+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| admin_state_up          | UP                                   |
| availability_zone_hints |                                      |
| availability_zones      |                                      |
| created_at              | 2020-12-16T17:50:14Z                 |
| description             |                                      |
| distributed             | False                                |
| external_gateway_info   | null                                 |
| flavor_id               | None                                 |
| ha                      | False                                |
| id                      | 0e3d364e-586a-4c17-854d-4e05cddb27fc |
| name                    | private_router                       |
| project_id              | f9e4445b9ac14d4da47d0a0451f2e0c9     |
| revision_number         | 1                                    |
| routes                  |                                      |
| status                  | ACTIVE                               |
| tags                    |                                      |
| updated_at              | 2020-12-16T17:50:14Z                 |
+-------------------------+--------------------------------------+

Set external gateway as public network on the router.

openstack router set --external-gateway public private_router

Link private network to the router.

openstack router add subnet private_router private_subnet

Check to ensure network connectivity is working.

openstack router list
openstack router show private_router | grep external_gateway_info
ping -c 2 IPAdress

Step 7: Spin a test instance

Our OpenStack Cloud platform should be ready for use. We’ll download Cirros cloud image.

mkdir ~/images && cd ~/images
sudo yum -y install curl wget
VERSION=$(curl -s http://download.cirros-cloud.net/version/released)
wget http://download.cirros-cloud.net/$VERSION/cirros-$VERSION-x86_64-disk.img

Upload Cirros image to Glance

openstack image create --disk-format qcow2 \
  --container-format bare --public \
  --file ./cirros-$VERSION-x86_64-disk.img "Cirros"

Confirm image uploaded

$ openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 98d260ec-1ccc-46d6-bfb7-f52ca478dd0e | Cirros | active |
+--------------------------------------+--------+--------+

Create Security Group for all access.

openstack security group create permit_all --description "Allow all ports"
openstack security group rule create --protocol TCP --dst-port 1:65535 --remote-ip 0.0.0.0/0 permit_all
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 permit_all

Create another security group for limited access – standard access ports ICMP22, 80, 443

openstack security group create limited_access --description "Allow base ports"
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 22 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 80 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 443 --remote-ip 0.0.0.0/0 limited_access

List all security groups:

openstack security group list

Confirming. rules in the security group.

openstack security group show permit_all
openstack security group show limited_access

Create Private Key

ssh-keygen # if you don't have ssh keys already

Add key to Openstack:

$  openstack keypair create --public-key ~/.ssh/id_rsa.pub admin
+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| fingerprint | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
| name        | admin                                           |
| user_id     | 513f0abd6eba4b0fab2754166f38e0f2                |
+-------------+-------------------------------------------------+

Confirm keypair is available on OpenStack:

$ openstack keypair list
+-------+-------------------------------------------------+
| Name  | Fingerprint                                     |
+-------+-------------------------------------------------+
| admin | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
+-------+-------------------------------------------------+

Listing available networks:

$ openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| 03eff42c-0b21-43e6-bbb6-164552279961 | private | bd52f697-7e61-4f70-a416-78dde193b0c2 |
| 95cbb9bc-ddcc-412f-9496-3f77dff3f030 | public  | 0063aaf9-9e3d-4634-a4c7-ddf0e66c2b75 |
+--------------------------------------+---------+--------------------------------------+

Check available instance flavors:

$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name      |   RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1  | m1.tiny   |   512 |    1 |         0 |     1 | True      |
| 2  | m1.small  |  2048 |   20 |         0 |     1 | True      |
| 3  | m1.medium |  4096 |   40 |         0 |     2 | True      |
| 4  | m1.large  |  8192 |   80 |         0 |     4 | True      |
| 5  | m1.xlarge | 16384 |  160 |         0 |     8 | True      |
+----+-----------+-------+------+-----------+-------+-----------+

Let’s create an instance on the private network

openstack server create \
  --flavor m1.tiny \
  --image "Cirros" \
  --network private \
  --key-name admin \
  --security-group permit_all \
  mycirros

Check if the instance is created successfully.

$ openstack server list
+--------------------------------------+----------+--------+---------------------------------------+--------------+---------+
| ID                                   | Name     | Status | Networks                              | Image        | Flavor  |
+--------------------------------------+----------+--------+---------------------------------------+--------------+---------+
| 043ba014-1670-4b50-8abf-50210c716611 | mycirros | ACTIVE | private=172.10.10.113                 | Cirros-0.5.1 | m1.tiny |
+--------------------------------------+----------+--------+---------------------------------------+--------------+---------+

To associate a floating IP from the public subnet use the guide below:

How To Assign a Floating IP Address to an Instance in OpenStack

Once floating IP is assigned you can ssh to the instance with private key.

$ ssh [email protected]
Warning: Permanently added '192.168.10.104' (ECDSA) to the list of known hosts.
Enter passphrase for key '/Users/jkmutai/.ssh/id_rsa':

$ cat /etc/os-release
NAME=Buildroot
VERSION=2019.02.1-00002-g77a944c-dirty
ID=buildroot
VERSION_ID=2019.02.1
PRETTY_NAME="Buildroot 2019.02.1"

$ ping computingpost.com -c 2
PING computingpost.com (104.26.5.192): 56 data bytes
64 bytes from 104.26.5.192: seq=0 ttl=56 time=22.220 ms
64 bytes from 104.26.5.192: seq=1 ttl=56 time=22.190 ms

--- computingpost.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 22.190/22.205/22.220 ms

For instance deployment with Terraform check:

I hope this article helped you to install OpenStack Victoria on CentOS 8 Server. This deployment method is not for highly Production deployments of OpenStack. Review other OpenStack deployment methods fit for Production setups.

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.