Monday, March 23, 2015

Setup the most recent Nova Docker Driver via Devstack on F21

UPDATE as 03/26/2015
To make devstack configuration persistent between reboots on Fedora 21,
e.g. restart-able via ./, following services must be enabled :-

   systemctl enable rabbitmq-server 
  systemctl enable openvswitch 
  systemctl enable httpd 
  systemctl enable mariadb 
  systemctl enable mysqld

 File /etc/rc.d/rc.local should contain ( in my case ) :-

ip addr flush dev br-ex ;
ip addr add dev br-ex ;
ip link set br-ex up ;
route add -net gw ;
System is supposed to be shutdown via :-
$sudo ./
     Due to  switching Nova in Kilo Openstack release to  oslo logging, nova docker driver was also switched to oslo logging,what makes impossible test this driver with nova-compute service been built for Juno Release. Running devstack on systems different from Ubuntu 14.04 is affected usually by lower version of python modules then required by devstack.Post bellow is solving this issue on Fedora 21 upgrading requiered modules via Fedora Rawhide and also provides workaround for dropping python-six version caused by driver build,which is specific F21 bug. Shortly , it's brief instruction how to run devstack on Fedora 21 without crashing. It is targeting only development issues.
Actually, it  follows up  however , RDO Juno is not pre-installed and Nova Docker driver is built first based on the top commit of , next step is :-

$ git clone
$ cd devstack

Creating local.conf under devstack following any of two links provided
and run ./ performing AIO Openstack installation, like it does
it on Ubuntu 14.04. All steps preventing from crash on F21 described
right bellow.

 # yum -y install git docker-io python-six  fedora-repos-rawhide
 # yum --enablerepo=rawhide install  python-pip python-pbr systemd
 # systemctl enable docker.service
 # systemctl start docker.service
 # groupadd nova

  Edit  /etc/sysconfig/docker

   OPTIONS='--selinux-enabled -G nova'
 # systemctl restart docker.service
 # reboot


 # chmod 666 /var/run/docker.sock
 # yum - y install gcc python-devel ( required for driver build )

 $ git clone
 $ cd nova-docker
 $ sudo pip install . 

  You might experience problems with cloning nova-docker.git
  to fedora box (vm), then install Ubuntu 14.04.2 VM
  ( for instance @KVM F21 Hypervisor)
  Log into VM and run:-

  # git clone git://
  # scp -r nova-docker    fedora21-box-ip:/root

 To encrease to 1.9 version python-six dropped to 1.2 during driver's build

   # yum -y reinstall python-six
   # mkdir -p /opt/stack
   # chmod -R 755 /opt/stack

 Run devstack as user stack:-

  $ git clone
  $ cd devstack
  1. Create local.conf
  2. Verify docker service availability
   $ docker version
      Client version: 1.5.0
      Client API version: 1.17
      Go version (client): go1.3.3
      Git commit (client): a8a31ef/1.5.0
      OS/Arch (client): linux/amd64
      Server version: 1.5.0
      Server API version: 1.17
      Go version (server): go1.3.3
      Git commit (server): a8a31ef/1.5.0

 3. Then run :-
  $ ./

or view   for another version of local.conf

My version of local.conf which allows define floating pool as you need,
a bit more flexible then original



# The default fixed range ( conflicted with an address
# range I was using locally.

# Services
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
enable_service horizon
disable_service tempest

# Introduce glance to docker images

# Configure nova to use the nova-docker driver

After completion disable firewalld, because devstack has no interaction with fedoras firewalld bringing up openstack daemons requiring corresponding ports  to be opened
$ sudo cp nova-docker/etc/nova/rootwrap.d/docker.filters \
#  systemctl stop firewalld
#  systemtcl disable firewalld

$ cd dev*
$ . openrc demo 

$ neutron security-group-rule-create --protocol icmp \
  --direction ingress --remote-ip-prefix default

$ neutron security-group-rule-create --protocol tcp \
  --port-range-min 22 --port-range-max 22 \
  --direction ingress --remote-ip-prefix default

$ neutron security-group-rule-create --protocol tcp \
  --port-range-min 80 --port-range-max 80 \
  --direction ingress --remote-ip-prefix default

Uploading docker image to glance
$ . openrc admin
$  docker pull rastasheep/ubuntu-sshd:14.04
$  docker save rastasheep/ubuntu-sshd:14.04 | glance image-create --is-public=True   --container-format=docker --disk-format=raw --name rastasheep/ubuntu-sshd:14.04

Launch new instance via uploaded image :-
$ . openrc demo
$  nova boot --image "rastasheep/ubuntu-sshd:14.04" --flavor m1.tiny
    --nic net-id=private-net-id UbuntuDocker

To provide internet access for launched nova-docker instance run :-

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

On real F21 box
# iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE

    or whatever ifconfig reports on machine

# iptables -t nat -A POSTROUTING -o em1 -j MASQUERADE

   To use Horizon
   # yum -y install nodejs
   # systemctl restart httpd.service




   System has been setup on real F21 box :-