OpenStack Cloud Computing Cookbook

http://www.openstackcookbook.com/

Tag Archives: cookbook

Book Discount Codes; Love in Tokyo

Understand, install, configure, and manage Nova

Understand, install, configure, and manage Nova

It’s time to say sayonara to the OpenStack Summit in Tokyo, but never fear, if you weren’t one of the lucky Stackers to grab one of the signed copies of the OpenStack Cloud Computing Cookbook or Learning OpenStack Networking (Neutron) then use the following codes:

50% Off ebook: OpenStack50

30% Off print: OpenStack30

These codes are valid until November 15th direct from PacktPub. The print copy includes the ebook too in non DRM format to use on whatever device you use.

More information can be found here: http://bit.ly/1LWUkQj

The OpenStack Cloud Computing Cookbook – Third Edition – is now available to purchase!

Thanks to Cody Bunch and Egle Sigler – and whole bunch of tech reviewers spanning the cloud and OpenStack community, the OpenStack Cloud Computing Cookbook has had its 3rd reboot. We cover configuration of Nova, Neutron, Glance, Keystone, Cinder and Swift. We show you how to use these. We show you how to use Ansible to deploy this in your datacentre. We show you how to use things like Heat and Cloud-Init to automate your cloud application environments as well as the latest and greatest like DVR and FWaaS.

We provide this with an accompanying multi-node Vagrant environment, where you can try out the steps in the book using free and open source stools such as VirtualBox and Vagrant – and we always make the latest versions of OpenStack available here too.

This is the best book in the series by far and now it’s available to buy here.

-Kevin Jackson

Installing and Configuring OpenLDAP

In order to operate OpenStack Identity service with an external authentication source, it is necessary that one have an external authentication service available. In the OpenStack Cloud Computing Cookbook, we used OpenLDAP. As installing and configuring OpenLDAP is beyond the scope of the book, that information is provided here.

Getting ready

We will be performing an installation and configuration of OpenLDAP on it’s own Ubuntu 14.04 server.

How to do it…

We will break this into two steps: installing OpenLDAP, and configuring it for use with OpenStack.

Installing OpenLDAP

Once you are logged in, to your Ubuntu 14.04 node, run the following commands to install OpenLDAP:
We set the Ubuntu installer to non-interactive, as we will be providing the configuration values for OpenLDAP prior to installation:

export DEBIAN_FRONTEND=noninteractive

Next we provide an admin password so OpenLDAP will install:

echo -e " \
slapd slapd/internal/generated_adminpw password openstack
slapd slapd/password2 password openstack
slapd slapd/internal/adminpw password openstack
slapd slapd/password1 password openstack
" | sudo debconf-set-selections

Finally, we install OpenLDAP via slapd package:

sudo apt-get install -y slapd ldap-utils

Configuring

OpenStack has a few requirements regarding which attribute types are used for user information. To accomodate this in our OpenLDAP we need to add these values to the new-attributes schema file:

sudo echo "
 attributetype ( 1.2.840.113556.1.4.8 NAME 'userAccountControl'
 SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
objectclass ( 1.2.840.113556.1.5.9 NAME 'user'
 DESC 'a user'
 SUP inetOrgPerson STRUCTURAL
 MUST ( cn )
 MAY ( userPassword $ memberOf $ userAccountControl ) )
" >> /etc/ldap/schema/new-attributes.schema

Finally, restart OpenLDAP:

sudo service slapd restart

How it works…

What we have done here is install OpenLDAP on Ubuntu 14.04. Additionally we created an LDAP schema, configuring the userAccountControl property, and configuring a ‘user’ object to provide login authorization.

Pre-Order OpenStack Cloud Computing Cookbook and get 30% Off Before 25th July!

openstackbook3rdedcoverThe OpenStack Cloud Computing Cookbook, 3rd Edition is due for publication in August 2015. You can reserve a copy and get a whopping 30% Off with the code OCCC30 if used before July 25th 2015 from the Packt website.

We cover Juno and Kilo installations – and always maintain an updated multi-node learning environment with the latest releases at https://github.com/OpenStackCookbook/OpenStackCookbook

This is what we cover in the book to help you install and configure OpenStack for your environment, whether you’re setting up a lab or ready to move to production:


Chapter 1: Keystone
– Installation, Setting up SSL, using with LDAP and more!
Chapter 2: Glance – Installation, using with Object Storage, migrating from disk versions and more!
Chapter 3: Neutron – Installation, configuration of OVS, creating networks, using distributed virtual routers and more!
Chapter 4: Nova – Installation, configuration, launching instances, host aggregates and much more!
Chapter 5: Swift – Installation, configuration, rings and more!
Chapter 6: Using Swift – Uploading objects, large objects, containers, container replication and more!
Chapter 7: Administering Swift – monitoring, collecting stats, dealing with failures and more!
Chapter 8: Cinder – Installation, using and configuring 3rd party backends and more!
Chapter 9: More OpenStack – Cloud-init, LBaaS, FWaaS, Ceilometer and Heat!
Chapter 10: Horizon – Installation and configuration and using the dashboard!
Chapter 11: Production OpenStack – configuring HA, clusters, using Galera and other techniques and automation using Ansible!

Get your copy today at bit.ly/1MtAJov with 30% Off Code OCCC30

Pens down. It’s a wrap! OpenStack Cloud Computing Cookbook 3rd Edition coming soon!

B04127_MockupCover_CookbookLate Friday night July 3rd 2015, or early evening to my US counterparts, we finished the edits on the OpenStack Cloud Computing Cookbook, 3rd Edition. Wow – 3 Editions.

I started writing the first edition back in 2011. Back then, OpenStack Diablo was THE production ready release. It had many promises and I was keen to learn more after dipping my toes into the OpenStack water with the Bexar release months before. Of course, I pronounced this wrong. So much for a country who frowns upon our additional characters in the English language.

This book was very popular and has taken me on a journey I wasn’t expecting. As time went on, Diablo wasn’t as hot property as it sounds and after being approached by none other than Cody Bunch who convinced me to write another, the 2nd Edition was needed. This was another 10 months getting a “few updates” in the book. This was published in June 2013 and was based on Grizzly.

Fast forward towards the end of 2014 and through a mental lapse, Cody yet again thought it might be a good idea to do another. Along the way of ideas, we picked up the esteemed Egle Sigler. Putting in a few more updates and with 50% more help, this would be a breeze to get the book updated for Juno. Or so we thought.

About 8 months later, we made it. We have updated sections that include how to install the very latest OpenStack Kilo using Ansible. Over 110 recipes has had an upgrade, rewrite or is a brand new addition to the book. We listened and we have a book that takes you through all the essential components and much more. We take you through step by step instructions on how you could run this in your datacentres.

We wouldn’t have made this possible without the immense valuable feedback from our tech reviewers. Thank you for keeping us on track and making this book even better than it was going to be:

Andy McCrae, Sriram Rajan, Melissa Palmer, Stefan Lenz, Chris Beatty, Walter Bentley and Victoria Martínez de la Cruz.

And a big shout out to Tim Bell for writing an excellent foreword to the book. We are truly honoured. I’m expecting a signed copy from him in the post.

So go out and by the thing. You won’t regret it.

Kevin Jackson

Pre-Requisites for the OpenStack Cloud Computing Cookbook lab

The OpenStack Cloud Computing Cookbook has been written in such a way so that our readers can follow each section to understand, install and configure each component of the OpenStack environment. We cover Compute (Nova), Identity (Keystone), Image (Glance), Networking (Neutron), Storage (Cinder and Swift) as well as many other services such as how to install these components using Ansible. As such, there are elements of the OpenStack environment that don’t fit in any particular chapter. These supporting services are:

Installing MariaDB for OpenStack Cloud Computing Cookbook

The examples in the OpenStack Cloud Computing Cookbook assumes you have a suitable database backend configured to run the OpenStack services. This didn’t fit with any single chapter or service as they all rely on something like MariaDB or MySQL. If you don’t have this installed, follow these steps which you should be able to copy and paste to run in your environment.

Getting ready

We will be performing an installation and configuration of MariaDB on the Controller node that is shown in the diagram. MariaDB and MySQL are interchangeable in terms of providing the necessary MySQL database connections required for OpenStack. More information can be found at the MariaDB website. In the examples through the book, the IP address of the Controller that this will be on, and will be used by the services in the book, will be 172.16.0.200.

OpenStack Cloud Computing Cookbook Lab Environment

How to do it…

To install MariaDB, carry out the following steps as root

Tip: A script is provided here for you to run the commands below

  1. We first set some variables that will be used in the subsequent steps. This allows you to edit to suit your own environment.
    export MYSQL_HOST=172.16.0.200
    export MYSQL_ROOT_PASS=openstack
    export MYSQL_DB_PASS=openstack
  2. We then set some defaults in debconf to avoid any interactive prompts
    echo "mysql-server-5.5 mysql-server/root_password password $MYSQL_ROOT_PASS" | sudo debconf-set-selections
    echo "mysql-server-5.5 mysql-server/root_password_again password $MYSQL_ROOT_PASS" | sudo debconf-set-selections
    echo "mysql-server-5.5 mysql-server/root_password seen true" | sudo debconf-set-selections
    echo "mysql-server-5.5 mysql-server/root_password_again seen true" | sudo debconf-set-selections
  3. We then install the required packages with the following command
    sudo apt-get -y install mariadb-server python-mysqldb
  4. We now tell MariaDB to listen on all interfaces as well as set a max connection limit. Note, edit to suit the security and requirements in your environment.
    sudo sed -i "s/^bind\-address.*/bind-address = 0.0.0.0/g" /etc/mysql/my.cnf
    sudo sed -i "s/^#max_connections.*/max_connections = 512/g" /etc/mysql/my.cnf
  5. To speed up MariaDB as well as help with permissions, add the following line to /etc/mysql/conf.d/skip-name-resolve.cnf
    echo "[mysqld]
    skip-name-resolve" > /etc/mysql/conf.d/skip-name-resolve.cnf
  6. We configure UTF-8 with the following
    echo "[mysqld]
    collation-server = utf8_general_ci
    init-connect='SET NAMES utf8'
    character-set-server = utf8" > /etc/mysql/conf.d/01-utf8.cnf
  7. We pick up the changes made by restarting MariaDB with the following command
    sudo service mysql restart
  8. We now ensure the root user has the correct permissions to allow us to create further databases and users
    mysql -u root -p${MYSQL_ROOT_PASS} -h localhost -e "GRANT ALL ON *.* to root@\"localhost\" IDENTIFIED BY \"${MYSQL_ROOT_PASS}\" WITH GRANT OPTION;"
    mysql -u root -p${MYSQL_ROOT_PASS} -h localhost -e "GRANT ALL ON *.* to root@\"${MYSQL_HOST}\" IDENTIFIED BY \"${MYSQL_ROOT_PASS}\" WITH GRANT OPTION;"
    mysql -u root -p${MYSQL_ROOT_PASS} -h localhost -e "GRANT ALL ON *.* to root@\"%\" IDENTIFIED BY \"${MYSQL_ROOT_PASS}\" WITH GRANT OPTION;"
  9. We run the following command to pick up the permission changes
    mysqladmin -uroot -p${MYSQL_ROOT_PASS} flush-privileges

How it works…

What we have done here is install and configure MariaDB on our Controller node that is hosted with address 172.16.0.200. When we configure our OpenStack services that required a database connection, they will use the address format mysql://user:password@172.16.0.200/service.

See Also

The 3rd Edition of the OpenStack Cloud Computing Cookbook covers installation of highly available MariaDB with Galera

Creating a Sandbox Environment for the OpenStack Cloud Computing Cookbook

Creating a sandbox environment using VirtualBox (or VMware Fusion) and Vagrant allows us to discover and experiment with the OpenStack services. VirtualBox gives us the ability to spin up virtual machines and networks without affecting the rest of our working environment, and is freely available at http://www.virtualbox.org for Windows, Mac OS X, and Linux. Vagrant allows us to automate this task, meaning we can spend less time creating our test environments and more time using OpenStack. This test environment can then be used for the rest of the OpenStack Cloud Computing Cookbook.

It is assumed that the computer you will be using to run your test environment in has enough processing power that has hardware virtualization support (for example, Intel VT-X and AMD-V support) with at least 8 GB RAM. Remember we’re creating a virtual machine that itself will be used to spin up virtual machines, so the more RAM you have, the better.

Getting ready

To begin with, we must download VirtualBox from http://www.virtualbox.org/ and then follow the installation procedure once this has been downloaded.

We also need to download and install Vagrant, which will be covered in the later part.

The steps throughout the book assume the underlying operating system that will be used to install OpenStack on will be Ubuntu 14.04 LTS release.

We don’t need to download a Ubuntu 14.04 ISO as we use our Vagrant environment do this for us.

How to do it…

To create our sandbox environment within VirtualBox we will use Vagrant to define a number of virtual machines that allows us to run all of the OpenStack services used in the OpenStack Cloud Computing Cookbook.

controller = Controller services (APIs + Shared Services)
network = OpenStack Network node
compute = OpenStack Compute (Nova) for running KVM instances
swift = OpenStack Object Storage (All-In-One) installation
cinder = OpenStack Block Storage node

 

These virtual machines will be configured with at an appropriate amount of RAM, CPU and Disk, and have a total of four network interfaces. Vagrant automatically setups an interface on our virtual machine that will NAT (Network Address Translate) traffic out, allowing our virtual machine to connect to the network outside of VirtualBox to download packages. This NAT interface is not mentioned in our Vagrantfile but will be visible on our virtual machine as eth0. A Vagrantfile, which is found in the working directory of our virtual machine sandbox environment, is a simple file that describes our virtual machines and how VirtualBox will create them. We configure our first interface for use in our OpenStack environment, which will be the host network interface of our OpenStack virtual machines (the interface a client will connect to Horizon, or use the API), a second interface will be for our private network that OpenStack Compute uses for internal communication between different OpenStack Compute hosts and a third which will be used when we look at Neutron networking as an external provider network. When these virtual machines become available after starting them up, you will see the four interfaces that are explained below:

eth0 = VirtualBox NAT
eth1 = Host Network
eth2 = Private (or Tenant) Network (host-host communication for Neutron created networks)
eth3 = Neutron External Network (when creating an externally routed Neutron network)

Carry out the following steps to create a virtual machine with Vagrant that will be used to run the OpenStack services:

      1. Install VirtualBox from http://www.virtualbox.org/The book was written using VirtualBox version 4.3.18
      2. Install Vagrant from http://www.vagrantup.com/The book was written using Vagrant version 1.6.5
      3. Once installed, we can define our virtual machine and networking in a file called Vagrantfile. To do this, create a working directory (for example, “~/cookbook” and edit a file in here called Vagrantfile as shown in the following command snippet:
        mkdir ~/cookbook
        cd ~/cookbook
        vim Vagrantfile
      4. We can now proceed to configure Vagrant by editing the ~/cookbook/Vagrantfile file with the following code:
        # -*- mode: ruby -*-
        # vi: set ft=ruby :
        # We set the last octet in IPV4 address here
        nodes = {
         'controller' => [1, 200],
         'network' => [1, 202],
         'compute' => [1, 201],
         'swift' => [1, 210],
         'cinder' => [1, 211],
        }
        
        Vagrant.configure("2") do |config| 
          # Virtualbox
          config.vm.box = "trusty64"
          config.vm.box_url = "http://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-amd64-vagrant-disk1.box"
          config.vm.synced_folder ".", "/vagrant", type: "nfs"
        
          # VMware Fusion / Workstation
          config.vm.provider "vmware_fusion" do |vmware, override|
            override.vm.box = "trusty64_fusion"
            override.vm.box_url = "https://oss-binaries.phusionpassenger.com/vagrant/boxes/latest/ubuntu-14.04-amd64-vmwarefusion.box"
            override.vm.synced_folder ".", "/vagrant", type: "nfs"
        
            # Fusion Performance Hacks
            vmware.vmx["logging"] = "FALSE"
            vmware.vmx["MemTrimRate"] = "0"
            vmware.vmx["MemAllowAutoScaleDown"] = "FALSE"
            vmware.vmx["mainMem.backing"] = "swap"
            vmware.vmx["sched.mem.pshare.enable"] = "FALSE"
            vmware.vmx["snapshot.disabled"] = "TRUE"
            vmware.vmx["isolation.tools.unity.disable"] = "TRUE"
            vmware.vmx["unity.allowCompostingInGuest"] = "FALSE"
            vmware.vmx["unity.enableLaunchMenu"] = "FALSE"
            vmware.vmx["unity.showBadges"] = "FALSE"
            vmware.vmx["unity.showBorders"] = "FALSE"
            vmware.vmx["unity.wasCapable"] = "FALSE"
          end
          
          # Default is 2200..something, but port 2200 is used by forescout NAC agent.
          config.vm.usable_port_range= 2800..2900
        
          nodes.each do |prefix, (count, ip_start)|
            count.times do |i|
              hostname = "%s" % [prefix, (i+1)]
        
              config.vm.define "#{hostname}" do |box|
                box.vm.hostname = "#{hostname}.book"
                box.vm.network :private_network, ip: "172.16.0.#{ip_start+i}", :netmask => "255.255.0.0"
                box.vm.network :private_network, ip: "172.10.0.#{ip_start+i}", :netmask => "255.255.0.0" 
                box.vm.network :private_network, ip: "192.168.100.#{ip_start+i}", :netmask => "255.255.255.0"
        
                # If using Fusion
                box.vm.provider :vmware_fusion do |v|
                  v.vmx["memsize"] = 1024
                  if prefix == "compute" or prefix == "controller" or prefix == "swift"
                    v.vmx["memsize"] = 2048
                  end # if
                end # box.vm fusion
        
                # Otherwise using VirtualBox
                box.vm.provider :virtualbox do |vbox|
                  # Defaults
                  vbox.customize ["modifyvm", :id, "--memory", 1024]
                  vbox.customize ["modifyvm", :id, "--cpus", 1]
                  vbox.customize ["modifyvm", :id, "--nicpromisc3", "allow-all"]
                  vbox.customize ["modifyvm", :id, "--nicpromisc4", "allow-all"]
                  if prefix == "compute" or prefix == "controller" or prefix == "swift"
                    vbox.customize ["modifyvm", :id, "--memory", 2048]
                    vbox.customize ["modifyvm", :id, "--cpus", 2]
                  end # if
                end # box.vm virtualbox
              end # config.vm.define 
            end # count.times
          end # nodes.each
        end # Vagrant.configure("2")
      5. We are now ready to power on our controller node. We do this by simply running the following command:
        vagrant up

Congratulations! We have successfully created the VirtualBox virtual machines running on Ubuntu 14.04 which is able to run OpenStack services.

How it works…

What we have done is defined a number of virtual machines within VirtualBox or VMware Fusion by defining it in Vagrant. Vagrant then configures these virtual machines, based on the settings given in Vagrantfile in the directory where we want to store and run our VirtualBox or VMware Fusion virtual machines from. This file is based on Ruby syntax, but the lines are relatively self-explanatory. We have specified some of the following:

      • The hostnames are called controller, network, compute, swift and cinder and have a corresponding 4th octet IP assigned to them that i is appended to the networks given further into the file.
      • The VM is based on Ubuntu Trusty Tahr, an alias for Ubuntu 14.04 LTS 64-bit
      • We configure some optimizations and specific configurations for VMware and VirtualBox
      • The file has been written as a series of nested loops, iterating over the “nodes” array set at the top of the file.
      • In each iteration, the corresponding configuration of the virtual machine is made, and then the configured virtual machine is then brought up.

We then launch this virtual machines using Vagrant with the help of the following simple command:

vagrant up

This will launch all VMs listed in the Vagrantfile.

To see the status of the virtual machines we use the following command:

vagrant status

To log into any of the machines we use the following command:

vagrant ssh controller

replace “controller” with the name of the virtual machine you want to use.