Deploying OpenStack on just one hosted server

The RDO project recently re-bumped all their tools to both release and install OpenStack. TI was impressed by all the changes so I wanted to test it, and indeed, it works great now. Now you can easily use the full-blown TripleO installer in a single machine (with separate VMs for controller and compute) thanks to the new TripleO-QuickStart tool. The main source of documentation is: https://github.com/openstack/tripleo-quickstart – and a presentation is available here https://goo.gl/LUuYSK 

 

However, I use my laptop for work and I had only 16GB of RAM, which makes it hard to experiment with OpenStack there. Thanks to a no-setup-fees offer from OVH, I found a $49 CAD/month server with Intel Xeon, SSD drives and 32GB of RAM, and it took me just 10 minutes to create an account and pay the first month via credit card.

Quick comments before showing you how to do it:

• A hosted server has only 1 NIC: the public one. Be careful, it’s really exposed to the internet (secure it properly, with firewall rules, SSH configs, fail2ban)
• A 16GB server can work too, but it’ll be very slow. 32G is faster 🙂
• Stick to the documented path (i.e. CentOS 7)
• It will take you at least 1 or 2h from start to finish
• You’ll need SSH tunnels to connect to the Overcloud, and SOCKS proxy from your browser to see Horizon (I use FoxyProxy extension for Firefox)

In the basic scenario, your hosted server will be running 3 VMs: undercloud (12 GB RAM, 4vCPU), and  control and compute (8GB RAM, 1vCPU each). Those VMs are only visible as the stack user, root cannot see them via virsh. You can create more VMs by passing parameters to the tripleo ansible-playbooks.

[root@ooo-quickstart ~]# su - stack
Last login: Mon May 16 02:27:21 CEST 2016 on pts/0
[stack@ooo-quickstart ~]$ virsh list --all
 Id Name State
----------------------------------------------------
 2 undercloud running
 7 compute_0 running
 8 control_0 running

Step 1: Set-up the server

1. lease a server with 32G RAM
2. deploy CentOS 7.2, using a customized install to enable DISTRIBUTION KERNEL and set up /home to be most part of the disk.
   1. Otherswise, OVH installs its own kernel without KVM. Other hosting providers may do the same for security purposes
3. Once booted, write down the IP

Step 2:  Download the script to your local Linux box

The script will create a virtualenv, where Ansible2 will be downloaded, and the SSH keys will be stored. It will also install some package dependencies. Read the script first! Don’t trust anything that you download and execute “sudo bash” on it without reading it first.

$git clone https://github.com/openstack/tripleo-quickstart 
$cd tripleo-quickstart
$sudo bash quickstart.sh --install-deps

NOTE: in my Fedora 23 laptop, I had to install another package

$sudo dnf install redhat-rpm-config

Step 3: Configure your server 

You’ll receive the root password on your email. We’ll only use it for the first login, so we can copy our SSH key to the server.

$export VIRTHOST=1.2.3.4 #put your own IP here
$ssh-copy-id root@$VIRTHOST
$ssh root@$VIRTHOST uname -a #ensure it's the distribution kernel. OVH kernel says 3.14.32-xxxx-grs-ipv6-64
$ssh root@$VIRTHOST yum groupinstall "Virtualization Host" -y

NOTE: Prevent open Bugs (May 15th 2016)

I haven’t opened them as bugs yet, but just in case, with CentOS 7.2, there are two things that will break the installation at some point, and need to be solved in your Hosted Server (running CentOS) before the installation:

1. #ERROR: qemu-kvm: -chardev pty,id=charserial0: Failed to create chardev\n
   1. I solved it via https://loginroot.com/qemu-kvm-chardev-ptyidcharserial0-failed-to-create-chardev/
   2. Basically, replace the devpts line of /etc/fstab with “devpts /dev/pts devpts gid=5,mode=620 0 0“
   3. Then do “mount -o remount /dev/pts“
2. #ERROR: Node 141e60b7-19ea-43d1-b14e-fe07193cdf7d did not pass power credentials validation: SSH connection cannot be established: Failed to establish SSH connection to host 192.168.23.1 ; and DEBUG ironic.common.utils [req-8d62ae59-8832-4eec-82d6-c9139d7624a8 – – – – -] SSH connect failed: Incompatible ssh server (no acceptable macs) ssh_connect /usr/lib/python2.7/site
   1. I solved it via http://stackoverflow.com/questions/28399335/python-paramiko-incompatible-ssh-server
   2. Just edit /etc/ssh/sshd_conf and add another MAC algorithm: MACs hmac-sha1
   3. Then, restart the service with systemctl restart sshd

Step 4: Start the installation (from your laptop)

Inside the tripleo-quickstart folder, execute:

(your-laptop tripleo-quickstart)$ bash quickstart.sh $VIRTHOST

Alternatively, you can use other environment files (or even create your own), like this:

$ bash quickstart.sh --config playbooks/centosci/ha.yml  $VIRTHOST

Once finished, this message appears:

##################################
Virtual Environment Setup Complete
##################################

Access the undercloud by:

 ssh -F /home/marcos/.quickstart/ssh.config.ansible undercloud

There are scripts in the home directory to continue the deploy:

 undercloud-install.sh will run the undercloud install
 undercloud-post-install.sh will perform all pre-deploy steps
 overcloud-deploy.sh will deploy the overcloud
 overcloud-deploy-post.sh will do any post-deploy configuration
 overcloud-validate.sh will run post-deploy validation

Alternatively, you can ignore these scripts and follow the upstream docs:

First:

 openstack undercloud install
 source stackrc

Then continue with the instructions (limit content using dropdown on the left):

 http://ow.ly/Ze8nK

One by one, execute the following commands:

(your-laptop)$ ssh -F ~/.quickstart/ssh.config.ansible undercloud
#(now we're in the undercloud VM, SSH-jumped via $VIRTHOST)
[stack@undercloud ~]$ undercloud-install.sh
[stack@undercloud ~]$ undercloud-post-install.sh
[stack@undercloud ~]$ overcloud-deploy.sh
[stack@undercloud ~]$ overcloud-deploy-post.sh
[stack@undercloud ~]$ overcloud-validate.sh

Step 5: Connect to OpenStack

From the undercloud, recover the OpenStack credentials that were stored by the TripleO installer in ~/overcloudrc. and connect using the CLI as usual.

[stack@undercloud ~]$ . overcloudrc 
[stack@undercloud ~]$ keystone catalog

To use Horizon, the easiest way is to re-connect via SSH to the undercloud enabling a SOCKS proxy.

(your-laptop)$ ssh -F ~/.quickstart/ssh.config.ansible undercloud -D 9090

Then on Firefox, configure FoxyProxy extension use the SOCKS proxy on localhost:9090

Now, find out the IP and credentials to connect to Horizon

[stack@undercloud ~]$ cat overcloudrc 
export OS_AUTH_URL=http://10.0.0.4:5000/v2.0
export OS_USERNAME=admin
export OS_PASSWORD=qU8veJ3RVJZmEnvz9fzqubDbR
export OS_TENANT_NAME=admin
(...)

Finally, open the browser to http://10.0.0.4/

 

Next Steps

Now that you have a very simple openstack installation (1 controller, 1 compute) you can experiment with a production-like setup of 3 controllers and 2 computes by simply telling Ansible you want more of those profiles (see how to pass parameters to the tripleo ansible-playbooks). If you have enough space, I suggest you also enable Ceph.

You can delete your openstack installation from the undercloud by simply doing “heat stack-delete overcloud”. Then, from your laptop, re-execute the tripleo-quickstart with the new variables and it will re-configure the undercloud accordingly, saving you a lot of time (all images have been downloaded and configured already)

Happy testing!