OpenStack Folsom installation for Debian GNU/Linux Wheezy

This HOWTO describes the installation of OpenStack Folsom ( october 2012 ) on a single bare metal machine. It will allow to test OpenStack by uploading an image and running an instance from it. It includes

keystone
nova
glance
nova-network
cinder

and it does not include

horizon
quantum
ceilometer

Pre-requisites

In the following list of pre-requisites, the values are use throughout this HOWTO and should be replaced with values matching the target machine configuration and the intented usage.

10GB: in / for the system and the logs
10GB: in /var/lib/nova for instances root disks
10GB: in /var/lib/glance for bootable images
eth0: public network interface, i.e. where public IP are bound
dummy0: private network interface
192.168.42.1: private IP address on dummy0
volumes: LVM volume group dedicated to cinder

Add folsom packages

cat > /etc/apt/sources.list.d/folsom.list <<EOF
deb http://openstack.dachary.org/2013-02-20 ./
deb-src http://openstack.dachary.org/2013-02-20 ./
EOF
apt-get update

Configuring dummy0

If the bare metal machine does not have two physical network interfaces, one can be created with:

cat >> /etc/network/interfaces <<EOF
auto dummy0
iface dummy0 inet static
        address 192.168.42.1
        netmask 255.255.255.0
        network 192.168.42.0
        broadcast 192.168.42.255
EOF
ifup dummy0

Creating the cinder volume group

pvcreate /dev/vdb
vgcreate volumes /dev/vdb

Configuring the packages

The MySQL root database password is not set. When asked by debconf, return is hit and no string is typed. The answers to the other debconf questions are archived together with the questions as they show when using DEBIAN_FRONTEND=readline.

export DEBIAN_FRONTEND=readline
debconf-set-selections <<EOF
# Will this server be used to access remote databases?
dbconfig-common dbconfig-common/remote-questions-default        boolean true
# Keep "administrative" database passwords?
dbconfig-common dbconfig-common/remember-admin-pass     boolean yes
EOF
apt-get install -y dbconfig-common
apt-get install -y mysql-server
apt-get install -y --force-yes keystone 
apt-get install -y --force-yes python-cinderclient python-glanceclient memcached rabbitmq-server ntp cinder-api cinder-scheduler glance nova-api nova-console nova-scheduler nova-xvpvncproxy openstack-dashboard-apache nova-api nova-cert nova-compute nova-compute-kvm nova-network cinder-volume iscsitarget iscsitarget-dkms

Manual configuration

Networks are added to be used by tenants

nova-manage network create private --fixed_range_v4=10.20.0.0/16 --network_size=256 --num_networks=2 --vlan=100

and show with

nova-manage network list
id      IPv4                    IPv6            start address   ...
1       10.20.0.0/24            None            10.20.0.3       ...
2       10.20.1.0/24            None            10.20.1.3       ...

Load the nbd module to inject meta data:

echo nbd >> /etc/modules
modprobe nbd

sed -i -e 's/^vlan_interface.*/vlan_interface=dummy0/' \
       -e 's/^#public_interface.*/public_interface=eth0/' \
       -e 's:^#fixed_range.*:fixed_range=10.20.0.0/16:' \
       /etc/nova/nova.conf
sed -i -e 's/^libvirt_vif_driver=.*/libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtBridgeDriver/' /etc/nova/nova-compute.conf
/etc/init.d/nova-compute restart
/etc/init.d/nova-api restart
/etc/init.d/nova-scheduler restart
/etc/init.d/nova-network restart

echo iscsi_ip_prefix = 192.168. >> /etc/cinder/cinder.conf
sed -i -e s/tgtadm/iscsitarget/ /etc/cinder/cinder.conf

In /etc/default/iscsitarget set

sed -i -e s/^ISCISISCSITARGET_ENABLE.*/ISCISISCSITARGET_ENABLE=true/ /etc/default/iscsitarget

And restart the services

service iscsitarget start
service open-iscsi start
for i in /etc/init.d/cinder-* ; do $i restart ; done

Testing the installation

Immediately after the keystone installation, a single service is registered

keystone --token ADMIN --endpoint http://192.168.42.1:35357/v2.0/ service-list
+----------------------------------+----------+----------+---------------------------+
|                id                |   name   |   type   |        description        |
+----------------------------------+----------+----------+---------------------------+
n| cf8327d7e9934fdf98d7a9a6e6346369 | keystone | identity | Keystone Identity Service |
+----------------------------------+----------+----------+---------------------------+

The services are displayed with

# nova-manage service list
Binary           Host   Zone Status     State Updated_At
nova-cert        wheezy nova enabled    :-)   2013-01-13 22:38:20
nova-compute     wheezy nova enabled    :-)   2013-01-13 22:38:22
nova-console     wheezy nova enabled    :-)   2013-01-13 22:38:22
nova-consoleauth wheezy nova enabled    :-)   2013-01-13 22:38:22
nova-network     wheezy nova enabled    :-)   2013-01-13 22:38:15
nova-scheduler   wheezy nova enabled    :-)   2013-01-13 22:38:15

The client credential are exported with

export OS_PASSWORD=ADMIN
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_VERSION=1.1
export OS_NO_CACHE=1

An image ( bootable disk image ) is uploaded

# wget https://launchpadlibrarian.net/83305348/cirros-0.3.0-x86_64-disk.img
glance add name="cirrOS-0.3.0-x86_64" is_public=true \
 container_format=bare \
 disk_format=qcow2 < cirros-0.3.0-x86_64-disk.img

and shows with

# nova image-list
+--------------------------------------+---------------------+--------+--------+
| ID                                   | Name                | Status | Server |
+--------------------------------------+---------------------+--------+--------+
| 0fd5cd47-fdc5-4627-a962-ef0783378ca2 | cirrOS-0.3.0-x86_64 | ACTIVE |        |
+--------------------------------------+---------------------+--------+--------+

A keypair ( ssh public key ) is uploaded

ssh-keygen
nova keypair-add --pub_key /root/.ssh/id_rsa.pub key

and shows with

# nova keypair-list
+------+-------------------------------------------------+
| Name | Fingerprint                                     |
+------+-------------------------------------------------+
| key  | e0:a3:ab:5f:01:54:5c:1d:19:40:d9:62:b4:b3:a1:0b |
+------+-------------------------------------------------+

An instance is created

nova boot --poll --flavor m1.tiny --image cirrOS-0.3.0-x86_64 --key_name key test

and shows with

nova list
+--------------------------------------+------+--------+---------------------+
| ID                                   | Name | Status | Networks            |
+--------------------------------------+------+--------+---------------------+
| f70f1f97-c537-4cec-964d-75354836ec30 | test | ACTIVE | private_0=10.20.0.3 |
+--------------------------------------+------+--------+---------------------+

The default login is cirros :

ssh cirros@10.20.0.3
$

Create a disk

# cinder create 1
# cinder list
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
|                  ID                  |   Status  | Display Name | Size | Volume Type |             Attached to              |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| 2127e851-db75-4916-b8b1-cd80f502bc4e | available |     None     |  1   |     None    |                                      |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+

Attach the disk to the instance

# nova volume-attach test 2127e851-db75-4916-b8b1-cd80f502bc4e /dev/vdb
+----------+--------------------------------------+
| Property | Value                                |
+----------+--------------------------------------+
| device   | /dev/vdc                             |
| id       | 2127e851-db75-4916-b8b1-cd80f502bc4e |
| serverId | f70f1f97-c537-4cec-964d-75354836ec30 |
| volumeId | 2127e851-db75-4916-b8b1-cd80f502bc4e |
+----------+--------------------------------------+

Check that it is attached

# cinder list
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
|                  ID                  |   Status  | Display Name | Size | Volume Type |             Attached to              |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| 2127e851-db75-4916-b8b1-cd80f502bc4e |   in-use  |     None     |  1   |     None    | f70f1f97-c537-4cec-964d-75354836ec30 |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+

Troubleshooting

To figure out which line of code issues a message or raises an exception:

python -u -m trace --trace  /usr/bin/keystone ...

To list the debconf answers:

apt-get install debconf-utils
debconf-get-selections | grep '^keystone'

If debconf-set-selections displays error: Cannot find a question for... run:

/usr/share/debconf/fix_db.pl

To debug or fix a postinstall script, rebuild the package with:

apt-get build-dep glance
apt-get source glance
# ... edit debian/glance-common.postinst ... 
( cd glance-* ; DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -uc -us )
dpkg -i glance-common*.deb

The openstack-pkg-tools provides functions used in all packages and it does not support DEBIAN_FRONTEND=noninteractive The following does not work :

AUTH_TOKEN=ADMIN # token used by services to dialog with keystone
wget -qO - http://openstack.dachary.org/2013-01-13/folsom-example-preseed.txt | 
  sed -e "s/ENDPOINT_IP/$(facter ipaddress_eth0)/" \
      -e "s/PRIVATE_IP/$(facter ipaddress_dummy0)/" \
      -e "s/AUTH_TOKEN/$AUTH_TOKEN/" \
  | debconf-set-selections
export DEBIAN_FRONTEND=noninteractive

The symptom of the problem can be seen during installation when the following output shows:

error encountered determining package or command:
dbconfig-common can not determine the maintainer script running it.