OpenStack Installation - Ubuntu
This page installs OpenStack Grizzly on Ubuntu Server 13.04.
Requirements
- Supported OS
- CentOS, RHEL, Ubuntu
- Debian, Fedora, openSUSE, SLE
- Recommended hardware per node
Server / Service / Recommend
Controller node
- Administrative Web-Interface (Horizon)
- Apache HTTP Server
- Django-based application
- memcache
- novnc (Web-based VNC client)
- Identity Service (Keystone)
- Compute Infrastructure (Nova)
- API Server (nova-api)
- Message Queue (rabbit-mq server)
- Network Controller (nova-network)
- Volume Worker (nova-volume)
- Scheduler (nova-scheduler)
- Imaging Service (Glance)
- Networking (Quantum)
- Quantum Server
- L3 Agent
- DHCP Agent
- Open vSwitch plugin
- Hardware specification
- Processor: 64-bits x86
- 4 core / 12 GB Memory / 30 GB Disk
- Volume : 2 TB (SATA) * 2
- NIC : 1 Gbps * 1
- Web Server : Apache HTTP Server, Nginx
- Session cache : memcache, etc.
Compute node
- Compute Infrastructure (Nova)
- Compute Worker (nova-compute)
- Networking (Quantum)
- Open vSwitch agent
- KVM (libvirt) or Xen (XCP or XenServer)
- Hardware specification
- Processor: 64-bits x86
- AMD-V or Intel VT
- ? core / 32 GB Memory / 30 GB Disk
- Volume : 2 TB (SATA) * 2
- NIC : 1 Gbps * 2
- Virtual machine
- Network options : flat, DHCP, VLAN / 2 NICs
- Virtualization
- xapi : XCP (Xen Cloud Platform), XenServer
- libvirt : KVM, QEMU, LXC, VMware
volume controller
- OpenStack Block Storage (Cinder)
- LVM (Logical Volume Manager)
network controller
- Compute Infrastructure (Nova)
- Network Controller (nova-network)
- Firewall : iptables
- dnsmasq
- Linux VLANs
apt-get install vlan bridge-utils
- Linux bridging
messaging server
- RabbitMQ
- Message queue : RabbitMQ, Qpid, ZeroMQ(0MQ)
database server
- MySQL
- Database : MySQL, PostgreSQL, SQLite
- Recommended networks
Type | Comment
Management network | 255 IPs (CIDR/24), private IP; communication between internal servers
Public network | 8 or more IPs (CIDR/29), public IP; API endpoints
VM network | 1024 IPs (CIDR/22), private IP; private IPs assigned to cloud instances
Floating IP network | 16 or more IPs (CIDR/28), public IP; public IPs used to connect to cloud instances
Installation environment
- Install VirtualBox 4.2.12
- Install Ubuntu Server 13.04 64-bit
- In the VirtualBox virtual machine settings, add a "Host-only Adapter" network, then install Ubuntu Server
- Ubuntu Server network configuration
vi /etc/network/interfaces
    auto eth1
    iface eth1 inet static
    address 192.168.56.111
    netmask 255.255.255.0
    network 192.168.56.0
    broadcast 192.168.56.255
    gateway 192.168.56.1
    dns-nameservers 210.220.163.82 219.250.36.130
/etc/init.d/networking restart
vi /etc/hosts
    192.168.56.111 ucloud001.cloudserver.com ucloud001
- Add Cloud Archive repository
vi /etc/apt/sources.list.d/grizzly.list
    deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main
apt-get install ubuntu-cloud-keyring
- Upgrade Ubuntu Server to the latest version
apt-get update
apt-get upgrade
apt-get install ssh
/etc/init.d/ssh restart
Installing Network Time Protocol (NTP)
apt-get install -y ntp
- NTP Server in Controller node
vi /etc/ntp.conf
    server ntp.ubuntu.com
    #--- add the following 2 lines below the line above
    server 127.127.1.0
    fudge 127.127.1.0 stratum 10
service ntp restart
- NTP Client
vi /etc/cron.daily/ntpdate
    ntpdate $NTP_Server_IP
chmod 755 /etc/cron.daily/ntpdate
Installing MySQL
- Install MySQL Server 5.5.
apt-get install python-mysqldb mysql-server
- vi /etc/mysql/my.cnf
### bind-address = 127.0.0.1
bind-address = 0.0.0.0
service mysql restart
Installing the messaging server
- RabbitMQ, Qpid and ZeroMQ (0MQ) are supported
- Install RabbitMQ
apt-get install rabbitmq-server
Installing keystone
- Install keystone
apt-get install keystone
- Create the MySQL database for keystone
mysql -uroot -p mysql
    create database keystone;
    insert into user (Host, User, Password) values ('localhost', 'keystone', password('~'));
    insert into db values ('localhost', 'keystone', 'keystone', 'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y', 'Y','Y','Y','Y','Y','Y','Y','Y','Y');
    commit;
    flush privileges;
    grant all privileges on keystone.* to keystone@localhost identified by '~';
    flush privileges;
    exit
- vi /etc/keystone/keystone.conf
admin_token = 012345SECRET99TOKEN012345
### connection = sqlite:////var/lib/keystone/keystone.db
connection = mysql://keystone:~@192.168.56.111/keystone
- Create SSL encryption for keystone
keystone-manage pki_setup
chown -R keystone:keystone /etc/keystone/*
- Initialize keystone and its database
rm /var/lib/keystone/keystone.db
service keystone restart
keystone-manage db_sync
- Environment settings for keystone
vi ~/keystonerc01
    ### Equivalent command arguments: keystone --token 012345SECRET99TOKEN012345 --endpoint http://192.168.56.111:35357/v2.0
    export OS_SERVICE_TOKEN=012345SECRET99TOKEN012345
    export OS_SERVICE_ENDPOINT=http://192.168.56.111:35357/v2.0
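The following audit script is an added example, not part of the original guide. It checks copies of keystone.conf and my.cnf for three values this guide sets: an admin_token that is empty, the sample default ADMIN, or the token printed on this page; a database password kept in a world-readable file; and a MySQL listener bound to 0.0.0.0. The function names and finding texts are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original guide. Flags risky values that the
# steps above write into keystone.conf and my.cnf. Paths are arguments.

# ini_get FILE KEY: print the last uncommented "KEY = value" setting in FILE.
ini_get() {
    awk -v k="$2" '
        /^[ \t]*[#;]/ { next }                  # commented-out line
        index($0, "=") {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == k) v = val
        }
        END { print v }' "$1"
}

# audit_keystone FILE: one finding per line on stdout, nothing when clean.
audit_keystone() {
    token=$(ini_get "$1" admin_token)
    conn=$(ini_get "$1" connection)
    case "$token" in
        ""|ADMIN|012345SECRET99TOKEN012345)
            echo "admin_token: empty, default or copied from documentation" ;;
    esac
    # scheme://user:password@host keeps the database password in the file.
    case "$conn" in
        *://*:*@*)
            if [ -n "$(find "$1" -perm -004)" ]; then
                echo "connection: password stored in a world-readable file"
            fi ;;
    esac
    return 0
}

# audit_mysql FILE: flag a listener bound to every interface.
audit_mysql() {
    if [ "$(ini_get "$1" bind-address)" = "0.0.0.0" ]; then
        echo "bind-address: MySQL listens on all interfaces"
    fi
    return 0
}

# Constructed sample that mirrors the values used on this page.
sample=$(mktemp)
printf '%s\n' '[DEFAULT]' 'admin_token = 012345SECRET99TOKEN012345' > "$sample"
audit_keystone "$sample"
rm -f "$sample"
```

On the controller, run it as `audit_keystone /etc/keystone/keystone.conf` and `audit_mysql /etc/mysql/my.cnf`; no output means none of the three conditions was found.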
- Configure tenant/role/user
Tenant | Role | User
demo | admin | admin
service | admin | glance
service | admin | nova
service | admin | ec2
service | admin | swift
- Create demo/admin/admin
keystone tenant-create --name demo --description "Default Tenant"
keystone tenant-list
keystone role-create --name admin
keystone role-list
keystone user-create --name=admin --pass=~ --email=~
keystone user-role-add --user-id b76105241058494d95826fa888ca3082 --tenant-id 68291205399547a5ae968832d7e43690 --role-id 899e1e9f83264b2c9341cfddf183d1f1
keystone user-list
- Create service/admin/glance
keystone tenant-create --name service --description "Service Tenant"
keystone user-create --name=glance --pass=~ --email=~
keystone user-role-add --user-id b8150b5941bb4531976d07549f33e79d --tenant-id 764424ad593a4484a53bd3119b103e34 --role-id 899e1e9f83264b2c9341cfddf183d1f1
- Create service/admin/nova
keystone user-create --name=nova --pass=~ --email=~
keystone user-role-add --user-id 2cec4a4dd3ee4d1db9ae6067251fbd05 --tenant-id 764424ad593a4484a53bd3119b103e34 --role-id 899e1e9f83264b2c9341cfddf183d1f1
- Create service/admin/ec2
keystone user-create --name=ec2 --pass=~ --email=~
keystone user-role-add --user-id d40df1a3840a41279b26a2d03ce2314b --tenant-id 764424ad593a4484a53bd3119b103e34 --role-id 899e1e9f83264b2c9341cfddf183d1f1
- Create service/admin/swift
keystone user-create --name=swift --pass=~ --email=~
keystone user-role-add --user-id 5a0f6d1ea6d14bd9acf63b57e9030fa1 --tenant-id 764424ad593a4484a53bd3119b103e34 --role-id 899e1e9f83264b2c9341cfddf183d1f1
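The user, tenant and role IDs in the commands above come from one particular installation and will differ on every other one. The following added example (not part of the original guide) reads the id from the table the keystone CLI prints, rejects anything that is not a single 32-hex-digit value, and passes it straight to user-role-add. The helper names table_id, add_user and sample_tenant_table are assumptions of this example, and the sample table is constructed.

```shell
#!/bin/sh
# Added example, not part of the original guide. The IDs passed to
# user-role-add differ on every install; table_id reads them from the ASCII
# table that the keystone CLI prints instead of copying them by hand.

# table_id: read a "Property | Value" table on stdin and print the id value.
# Returns non-zero unless exactly one 32-hex-digit id is present.
table_id() {
    id=$(awk -F'|' '{ p = $2; gsub(/[ \t]/, "", p) }
                    p == "id" { v = $3; gsub(/[ \t]/, "", v); print v }')
    case "$id" in
        ""|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#id}" -eq 32 ] || return 1
    printf '%s\n' "$id"
}

# add_user NAME PASS EMAIL TENANT_ID ROLE_ID: create a user, then bind the
# role using the id that user-create just returned. Needs a running Keystone
# and the OS_SERVICE_* variables from keystonerc01.
add_user() {
    user_id=$(keystone user-create --name="$1" --pass="$2" --email="$3" | table_id) || return 1
    keystone user-role-add --user-id "$user_id" --tenant-id "$4" --role-id "$5"
}

# Constructed sample of tenant-create output (the id is the demo tenant id
# shown on this page).
sample_tenant_table() {
    cat <<'EOF'
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |          Default Tenant          |
|   enabled   |               True               |
|      id     | 68291205399547a5ae968832d7e43690 |
|     name    |               demo               |
+-------------+----------------------------------+
EOF
}

sample_tenant_table | table_id
```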
- Configure service/endpoint
- Create keystone (identity)
keystone service-create --name=keystone --type=identity --description="Identity Service"
keystone service-list
keystone endpoint-create --region RegionOne --service-id=9f53cf77226248f691734378bd4a788c --publicurl=http://192.168.56.111:5000/v2.0 --internalurl=http://192.168.56.111:5000/v2.0 --adminurl=http://192.168.56.111:35357/v2.0
keystone endpoint-list
- Create nova (compute)
keystone service-create --name=nova --type=compute --description="Compute Service"
keystone endpoint-create --region RegionOne --service-id=0ee45d97bd0a48fe92649bdd93084636 --publicurl='http://192.168.56.111:8774/v2/%(tenant_id)s' --internalurl='http://192.168.56.111:8774/v2/%(tenant_id)s' --adminurl='http://192.168.56.111:8774/v2/%(tenant_id)s'
- Create volume (volume)
keystone service-create --name=volume --type=volume --description="Volume Service"
keystone endpoint-create --region RegionOne --service-id=2effffdef36247cd9ba5403eb5f603bb --publicurl='http://192.168.56.111:8776/v1/%(tenant_id)s' --internalurl='http://192.168.56.111:8776/v1/%(tenant_id)s' --adminurl='http://192.168.56.111:8776/v1/%(tenant_id)s'
- Create glance (image)
keystone service-create --name=glance --type=image --description="Image Service"
keystone endpoint-create --region RegionOne --service-id=2096a0c8cd88411aac06a1c011cee3e4 --publicurl='http://192.168.56.111:9292' --internalurl='http://192.168.56.111:9292' --adminurl='http://192.168.56.111:9292'
- Create ec2 (ec2)
keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer"
keystone endpoint-create --region RegionOne --service-id=00f0ef589b11465b8f60f8f1ad530f47 --publicurl='http://192.168.56.111:8773/services/Cloud' --internalurl='http://192.168.56.111:8773/services/Cloud' --adminurl='http://192.168.56.111:8773/services/Admin'
- Create swift (object-store)
keystone service-create --name=swift --type=object-store --description="Object Storage Service"
keystone endpoint-create --region RegionOne --service-id=44234ad3daf640f5b9bca60c4fef6268 --publicurl='http://192.168.56.111:8888/v1/AUTH_%(tenant_id)s' --internalurl='http://192.168.56.111:8888/v1' --adminurl='http://192.168.56.111:8888/v1/AUTH_%(tenant_id)s'
- Verify the keystone service
vi ~/keystonerc02
    export OS_USERNAME=admin
    export OS_PASSWORD=~
    export OS_TENANT_NAME=demo
    export OS_AUTH_URL=http://192.168.56.111:35357/v2.0
keystone --os-username=admin --os-password=~ --os-auth-url=http://192.168.56.111:35357/v2.0 token-get
keystone --os-username=admin --os-password=~ --os-tenant-name=demo --os-auth-url=http://192.168.56.111:35357/v2.0 token-get
Installing glance
- Install glance.
apt-get install glance
apt-get install python-keystone
#rm /var/lib/glance.sqlite
- Create the glance user in MySQL.
mysql -uroot -p mysql
    create database glance;
    insert into user (Host, User, Password) values ('localhost', 'glance', password('~'));
    insert into db values ('localhost', 'glance', 'glance', 'Y','Y','Y','Y','Y','Y','Y','Y','Y','Y', 'Y','Y','Y','Y','Y','Y','Y','Y','Y');
    commit;
    flush privileges;
    grant all privileges on glance.* to glance@localhost identified by '~';
    flush privileges;
    exit
- vi /etc/glance/glance-api.conf
enable_v1_api = True
enable_v2_api = True
sql_connection = mysql://glance:~@192.168.56.111/glance
#--- Add the following as the last line so that authentication goes through keystone.
flavor=keystone
- Restart the service
service glance-api restart
- vi /etc/glance/glance-registry.conf
config_file = /etc/glance/glance-registry-paste.ini
sql_connection = mysql://glance:~@192.168.56.111/glance
#--- Add the following as the last line so that authentication goes through keystone.
flavor=keystone
- vi /etc/glance/glance-registry-paste.ini
[pipeline:glance-registry-keystone]
pipeline = authtoken context registryapp
- Restart the service
service glance-registry restart
- Initialize the glance database
glance-manage version_control 0
glance-manage db_sync
service glance-registry restart
service glance-api restart
- Verify the glance service
- vi ~/glancerc
export OS_USERNAME=admin
export OS_PASSWORD=~
export OS_TENANT_NAME=service
export OS_AUTH_URL=http://192.168.56.111:35357/v2.0
export OS_REGION_NAME=RegionOne
- Download a test image
mkdir /tmp/images
cd /tmp/images
wget http://www.jopenbusiness.com/images/ttylinux-uec-amd64-12.1_2.6.35-22_1.tar.gz
tar -zxvf ttylinux-uec-amd64-12.1_2.6.35-22_1.tar.gz
#--- the following 5 files are created
#    ttylinux-uec-amd64-12.1_2.6.35-22_1-floppy
#    ttylinux-uec-amd64-12.1_2.6.35-22_1.img
#    ttylinux-uec-amd64-12.1_2.6.35-22_1-initrd
#    ttylinux-uec-amd64-12.1_2.6.35-22_1-loader
#    ttylinux-uec-amd64-12.1_2.6.35-22_1-vmlinuz
glance image-create --name="tty-linux-kernel" --disk-format=aki --container-format=aki < ttylinux-uec-amd64-12.1_2.6.35-22_1-vmlinuz
glance image-create --name="tty-linux-ramdisk" --disk-format=ari --container-format=ari < ttylinux-uec-amd64-12.1_2.6.35-22_1-loader
glance image-create --name="tty-linux" --disk-format=ami --container-format=ami < ttylinux-uec-amd64-12.1_2.6.35-22_1.img
glance image-list
Installing the hypervisor
Checking hypervisor support
- QEMU, KVM
- /lib/udev/rules.d/45-qemu-kvm.rules
- /dev/kvm
- vi /etc/nova/nova.conf
compute_driver=libvirt.LibvirtDriver
libvirt_type=kvm
- Virtual machine image formats supported by KVM and QEMU
- Raw, QEMU Copy-on-write (qcow2), VMware virtual machine disk format (vmdk)
KVM
- Check for VT (Virtualization Technology) support
apt-get install cpu-checker
kvm-ok
egrep '(vmx|svm)' --color=always /proc/cpuinfo    #--- if necessary, turn on the VT support options in the BIOS
lsmod | grep kvm    #--- kvm-intel, kvm-amd
- For kvm-intel
modprobe kvm
modprobe kvm-intel
vi /etc/modules
    kvm
    kvm-intel
- For kvm-amd
modprobe kvm
modprobe kvm-amd
vi /etc/modules
    kvm
    kvm-amd
- cpu model for kvm guest
- vi /usr/share/libvirt/cpu_map.xml
- vi /etc/nova/nova.conf
libvirt_cpu_mode = none, host-passthrough, host-model, custom
#--- used only when libvirt_cpu_mode is custom
libvirt_cpu_model = pentium2
- /var/log/nova/nova_compute.log
- If the group shown by ls -l /dev/kvm is not kvm, run the udevadm trigger command
QEMU
- vi /etc/nova/nova.conf
compute_driver=libvirt.LibvirtDriver
libvirt_type=qemu
- apt-get install guestmount
XEN
- vi /etc/nova/nova.conf
compute_driver=xenapi.XenAPIDriver
xenapi_connection_url = http://
xenapi_connection_username = root
xenapi_connection_password = ~
- Image formats supported by XenAPI : Raw, VHD (image gzipped tarball)
- Xen Tools
- Xen Cloud Platform (XCP), GPL v2
- Citrix Xen Server
- XenAPI (xapi)
- PV (Paravirtualized)
- HVM (Hardware Virtualized)
- Tenant Network : Flat, FlatDHCP, VLAN