Friday, July 10, 2015

Setup Nova-Docker Driver with RDO Kilo on Fedora 22

The hackery below was tested multiple times for AIO installs via packstack.
It provides completely functional Neutron services and allows creating neutron
routers, tenants and external networks on a single box or virtual machine.
See, for instance, https://www.rdoproject.org/forum/categories/blog/
However, I have got some negative results attempting to perform a multinode
deployment, separating Controller and Network Nodes, regardless of successful packstack completion. In the case of a Two Node Controller&&Network + Compute packstack deployment, the hackery still works.

An update which makes an RDO Kilo Three Node deployment on Fedora 22 possible (as of time of writing, 07/12/2015) may be seen here
 
************************************************
First set up RDO Kilo (AIO) on Fedora 22
************************************************
# dnf install -y https://rdoproject.org/repos/rdo-release.rpm
# dnf  install -y openstack-packstack  
# dnf install fedora-repos-rawhide

# dnf  --enablerepo=rawhide update openstack-packstack
Fedora - Rawhide - Developmental packages for the next Fedora re 4.0 MB/s |  43 MB     00:10   
Last metadata expiration check performed 0:00:41 ago on Sat Jul 11 13:58:50 2015.
Dependencies resolved.
=================================================================================================
 Package                       Arch      Version                                Repository  Size
=================================================================================================
Upgrading:
 openstack-packstack           noarch    2015.1-0.8.dev1589.g1d6372f.fc23       rawhide    235 k
 openstack-packstack-puppet    noarch    2015.1-0.8.dev1589.g1d6372f.fc23       rawhide     23 k

Transaction Summary
=================================================================================================
Upgrade  2 Packages

Total download size: 258 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): openstack-packstack-puppet-2015.1-0.8.dev1589.g1d6372f.fc 175 kB/s |  23 kB     00:00   
(2/2): openstack-packstack-2015.1-0.8.dev1589.g1d6372f.fc23.noar 891 kB/s | 235 kB     00:00   
-------------------------------------------------------------------------------------------------
Total                                                            128 kB/s | 258 kB     00:02    
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Upgrading   : openstack-packstack-puppet-2015.1-0.8.dev1589.g1d6372f.fc23.noarch           1/4
  Upgrading   : openstack-packstack-2015.1-0.8.dev1589.g1d6372f.fc23.noarch                  2/4
  Cleanup     : openstack-packstack-2015.1-0.2.dev1537.gba5183c.fc23.noarch                  3/4
  Cleanup     : openstack-packstack-puppet-2015.1-0.2.dev1537.gba5183c.fc23.noarch           4/4
  Verifying   : openstack-packstack-2015.1-0.8.dev1589.g1d6372f.fc23.noarch                  1/4
  Verifying   : openstack-packstack-puppet-2015.1-0.8.dev1589.g1d6372f.fc23.noarch           2/4
  Verifying   : openstack-packstack-2015.1-0.2.dev1537.gba5183c.fc23.noarch                  3/4
  Verifying   : openstack-packstack-puppet-2015.1-0.2.dev1537.gba5183c.fc23.noarch           4/4
Upgraded:
  openstack-packstack.noarch 2015.1-0.8.dev1589.g1d6372f.fc23                                   
  openstack-packstack-puppet.noarch 2015.1-0.8.dev1589.g1d6372f.fc23                            

Complete!

# dnf install python3-pyOpenSSL.noarch python-service-identity.noarch python-ndg_httpsclient.noarch

**********************
At this point run :-
**********************
# packstack  --gen-answer-file answer-file-aio.txt
and set
CONFIG_KEYSTONE_SERVICE_NAME=httpd

************************************************************************
I also commented out the second line in /etc/httpd/conf.d/mod_dnssd.conf
************************************************************************

# cd   /usr/lib/python2.7/site-packages/packstack/puppet/templates
and apply the third patch from link. It will disable provision_demo.pp

Then run
# packstack --answer-file=./answer-file-aio.txt

***********************************************
Upon completion you are supposed to get :-
***********************************************
[root@WorkstationF22 ~]# rpm -qa  \*puppet\*

openstack-puppet-modules-2015.1.6-2.fc23.noarch
puppet-4.1.0-1.fc22.noarch
openstack-packstack-puppet-2015.1-0.8.dev1589.g1d6372f.fc23.noarch

******************************************
Configure OVS_BRIDGE and OVS_PORT  
******************************************
In this particular case, the external neutron network 192.168.1.0/24 matches the
office LAN; the IP address of the physical router is 192.168.1.1

[root@ServerFedora22 network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
IPADDR="192.168.1.32"
NETMASK="255.255.255.0"
DNS1="8.8.8.8"
BROADCAST="192.168.1.255"
GATEWAY="192.168.1.1"
NM_CONTROLLED="no"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no

[root@ServerFedora22 network-scripts(keystone_admin)]# cat ifcfg-enp2s0
DEVICE="enp2s0"
ONBOOT="yes"
HWADDR="90:E6:BA:2D:11:EB"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no
*****************************************
When configuration above is done :-
*****************************************
# chkconfig network on
# systemctl stop NetworkManager
# systemctl disable NetworkManager
# reboot
**********************************
Setting up NovaDocker driver
**********************************

# dnf -y install git docker-io python-six  fedora-repos-rawhide
# dnf --enablerepo=rawhide install  python-pip python-pbr
# reboot
 **********************
 Next
 **********************
 # chmod 666 /var/run/docker.sock
 # git clone http://github.com/stackforge/nova-docker.git
 # cd nova-docker
 # git checkout -b kilo origin/stable/kilo
 # git branch -v -a
 * kilo                           d556444 Do not enable swift/ceilometer/sahara
  master                         d556444 Do not enable swift/ceilometer/sahara
  remotes/origin/HEAD            -> origin/master
  remotes/origin/master          d556444 Do not enable swift/ceilometer/sahara
  remotes/origin/stable/icehouse 9045ca4 Fix lockpath for tests
  remotes/origin/stable/juno     b724e65 Fix tests on stable/juno
  remotes/origin/stable/kilo     d556444 Do not enable swift/ceilometer/sahara

 # python setup.py install
 # systemctl start docker
 # systemctl enable docker
 # chmod 666  /var/run/docker.sock
 # mkdir /etc/nova/rootwrap.d

******************************
Update nova.conf
******************************
vi /etc/nova/nova.conf
set "compute_driver = novadocker.virt.docker.DockerDriver"

************************************************
Next, create the docker.filters file:
************************************************
$ vi /etc/nova/rootwrap.d/docker.filters

Insert Lines

# nova-rootwrap command filters for setting up network in the docker driver
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova/virt/docker/driver.py: 'ln', '-sf', '/var/run/netns/.*'
ln: CommandFilter, /bin/ln, root

*****************************************
Add line to /etc/glance/glance-api.conf
*****************************************
container_formats=ami,ari,aki,bare,ovf,ova,docker

************************
Restart Services
************************
# systemctl restart openstack-nova-compute
# systemctl status openstack-nova-compute
# systemctl restart openstack-glance-api

Testing Ubuntu Vivid docker image

1. Follow  https://github.com/tutumcloud/tutum-ubuntu 
2. Upload image to glance and launch Nova Docker container

[root@WorkstationF22 ~(keystone_admin)]#  docker save tutum/ubuntu:vivid  | \
glance image-create --is-public=True   --container-format=docker \
--disk-format=raw --name tutum/ubuntu:vivid

+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | a2abfd90ee54f14bb44e8cfdd7ae3159     |
| container_format | docker                               |
| created_at       | 2015-07-10T14:47:13.000000           |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | raw                                  |
| id               | 0a5c442a-8067-4db8-8689-04b76412e001 |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | tutum/ubuntu:vivid                   |
| owner            | 18b9889bd61140e58b7bf90904d2abcc     |
| protected        | False                                |
| size             | 220456960                            |
| status           | active                               |
| updated_at       | 2015-07-10T14:47:41.000000           |
| virtual_size     | None                                 |
+------------------+--------------------------------------+



Implement security rules in the same way as for the Libvirt driver and launch the instance via the dashboard :-


  


[root@WorkstationF22 ~(keystone_admin)]# docker ps
CONTAINER ID        IMAGE                          COMMAND               CREATED             STATUS              PORTS               NAMES
ec0f6df23bd2        tutum/ubuntu:vivid             "/run.sh"             49 seconds ago      Up 47 seconds                           nova-e543f496-db14-4d89-a5fb-56ae91f2946b  
d4b6ea309bdc        rastasheep/ubuntu-sshd:14.04   "/usr/sbin/sshd -D"   28 minutes ago      Up 28 minutes                           nova-527a7e22-707a-4d00-9b17-5ccfbc15a9aa

  
[root@WorkstationF22 ~(keystone_admin)]# docker logs ec0f6df23bd2
=> Setting a random password to the root user
=> Done!
==================================================

You can now connect to this Ubuntu container via SSH using:

    ssh -p root@
and enter the root password 'MO0NBGvlYlu8' when prompted

Please remember to change the above password as soon as possible!
==================================================


[root@WorkstationF22 ~(keystone_admin)]# ssh -p 22 root@192.168.1.153
The authenticity of host '192.168.1.153 (192.168.1.153)' can't be established.
ECDSA key fingerprint is SHA256:0+T/egdd9DE3tx0AmUO71qkWVo3PbWC0+vOS+lAt2AY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.153' (ECDSA) to the list of known hosts.
root@192.168.1.153's password:
root@instance-00000003:~# cat /etc/issue
Ubuntu 15.04 \n \l

root@instance-00000003:~# ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 14:55 ?        00:00:00 /usr/sbin/sshd -D
root        12     1  0 14:57 ?        00:00:00 sshd: root@pts/0   
root        13    12  0 14:57 pts/0    00:00:00 -bash
root        20    13  0 14:57 pts/0    00:00:00 ps -ef
root@instance-00000003:~#
 

**************************
Update /etc/rc.d/rc.local
**************************
chmod 666  /var/run/docker.sock
service openstack-nova-compute restart
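
The chmod 666 used above and in rc.local opens the Docker socket, and with it the root-owned Docker daemon, to every local account. The sketch below is an added example, not part of the original post: it checks a socket's mode, hands the socket to a single group with mode 660 instead, and checks that a rootwrap filter file is writable only by its owner, as the comment in docker.filters asks. The group nova-compute runs under (assumed here to be nova) and the stand-in files used by the demo are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Uses GNU stat (Fedora default).

# Print the octal permission bits of a path, e.g. 666.
mode_of() { stat -c '%a' "$1"; }

# Succeed only when "other" has no permission bits on the socket.
socket_is_restricted() {
    m=$(mode_of "$1") || return 2
    [ "$(( 0$m & 07 ))" -eq 0 ]
}

# Hand the socket to one group (name or numeric gid) and use mode 660.
# Assumption: on the compute node that group is the one nova-compute runs as.
restrict_socket() {
    chgrp "$2" "$1" && chmod 660 "$1"
}

# Succeed only when the file belongs to the given uid and neither group nor
# other can write it (what the header comment in docker.filters asks for,
# with uid 0).
owner_only_writable() {
    uid=$(stat -c '%u' "$1") || return 2
    m=$(mode_of "$1") || return 2
    [ "$uid" = "$2" ] && [ "$(( 0$m & 022 ))" -eq 0 ]
}

# Demo on constructed stand-in files so it runs without Docker or root.
demo() {
    d=$(mktemp -d) || return 1
    sock="$d/docker.sock"; : > "$sock"; chmod 666 "$sock"
    socket_is_restricted "$sock" || echo "before: $(mode_of "$sock") (any local user)"
    restrict_socket "$sock" "$(id -g)"
    socket_is_restricted "$sock" && echo "after:  $(mode_of "$sock") (owner and group)"
    filt="$d/docker.filters"; : > "$filt"; chmod 644 "$filt"
    owner_only_writable "$filt" "$(id -u)" && echo "filters file: ok"
    rm -rf "$d"
}
demo
```

On the compute node the rc.local line would become `restrict_socket /var/run/docker.sock nova`, and the filter check `owner_only_writable /etc/nova/rootwrap.d/docker.filters 0`.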