OpenStack: Building a Cloud Environment电子书

OpenStack: Building a Cloud Environment

Table of Contents

OpenStack: Building a Cloud Environment

OpenStack: Building a Cloud Environment

Credits

Preface

What this course covers

What you need for this learning path

Who this learning path is for

Reader feedback

Customer support

Errata

Piracy

Questions

1. Module 1

1. An Introduction to OpenStack

Choosing an orchestrator

Building a private cloud

Commercial orchestrators

OpenStack

When to choose OpenStack?

OpenStack architecture

Service relationships

Services and releases history

Service functions

Keystone

Horizon

Nova

Glance

Swift

Cinder

Neutron

Heat

Ceilometer

Trove

Sahara

Designate

Ironic

Zaqar

Barbican

Manila

Murano

Magnum

Kolla

Congress

Service dependency maps

Preparing for the OpenStack setup

Selecting the services

Service layout

Controller node

Network node

Compute node

Storage node

Operating system

Network layout

Summary

2. Authentication and Authorization Using Keystone

Identity concepts in Keystone

User

Project (or tenant)

Role

Architecture and subsystems

Identity

Resource

Assignment

Policy

Token

Catalog

Installing common components

Setting up the database

Installing MariaDB

Step 1: Setting MariaDB repository

Step 2: Installing the MariaDB package

Configuring the database

Securing the database

Testing the installation

Setting up the messaging broker

Installing RabbitMQ

Step 1: Setting up the RabbitMQ repository

Step 2: Installing the RabbitMQ package

Configuring the RabbitMQ server

Testing the installation

Installing Keystone

Setting up the OpenStack repository

Creating the database

Installing the package

The initial configuration

Generating the admin token

Modifying the Keystone configuration file

Populating the Keystone DB

Setting up your first tenant

Setting up environment variables

Creating the tenant

Creating the user

Creating and mapping the role

Creating service endpoints

Creating the service

Creating the endpoint

Verifying the installation

Using Keystone CLI

Using the API

Troubleshooting the installation and configuration

DB sync errors

System language settings

Configuration errors

Failing Keystone commands

Service non-responsive

DNS issues

Network issues

Summary

3. Storing and Retrieving Data and Images using Glance, Cinder, and Swift

Introducing storage services

Working with Glance

Creating the database

Installing the packages

Initial configuration of Glance

Creating a user in Keystone

Creating a Glance service in Keystone

Creating a Glance endpoint

Modifying Glance configuration

Populating the Glance database

Finalizing the installation

Validating the installation

Working with Cinder

Controller node

Creating the database

Installing packages

Initial configuration

Creating a user in Keystone

Creating Cinder service in Keystone

Creating Cinder endpoints

Modifying the configuration files

Populating the Cinder database

Finalizing the installation

Storage node

Understanding the prerequisites

Installing the packages

Modifying the configuration files

Finalizing the installation

Validating the installation

Working with Swift

Controller node

Installing packages

Initial configuration

Creating a user in Keystone

Creating a Swift service in Keystone

Creating a Swift endpoint

Modifying the configuration files

The storage node

Understanding the prerequisites

Installing the packages

Modifying the configuration files

Account server configuration

Container server configuration

Object server configuration

Creating the rings

Account ring

Container ring

Object ring

Distributing the ring

Finalizing and validating the install

Troubleshooting steps

Swift authentication error

Ring files don't get created

Summary

4. Building Your Cloud Fabric Controller Using Nova

Working with Nova

Installing Nova components

Installing on the controller node

Creating the database

Installing components

Initial configuration

Creating the Nova user in Keystone

Creating the Nova service in Keystone

Creating the Nova endpoint in Keystone

Modifying the configuration file

Populating the database

Finalizing the installation

Installing on the compute node

Installing KVM

Installing Nova compute components

Modifying the host files

Modifying the configuration file

Finalizing the installation

Verifying the installation

Console access

Designing your Nova environment

Logical constructs

Region

Availability zone

The host aggregates

Virtual machine placement logic

Sample cloud design

Troubleshooting installation

Summary

5. Technology-Agnostic Network Abstraction Using Neutron

The software-defined network paradigm

What is an overlay network?

Components of overlay networks

Overlay technologies

GRE

VXLAN

Underlying network considerations

Open flow

Underlying network consideration

Neutron

Architecture of Neutron

The Neutron server

L2 agent

L3 agent

Understanding the basic Neutron process

Networking concepts in Neutron

Installing Neutron

Installing on the controller node

Creating the database

Installing Neutron control components

Initial configuration

Creating the Neutron user in Keystone

Creating the Neutron service in Keystone

Creating the Neutron endpoint in Keystone

Modifying the configuration files

Setting up the database

Finalizing the installation

Validating the installation

Installing on the network node

Setting up the prerequisites

Installing Neutron packages

Initial configuration on the network node

Neutron configuration

ML2 plugin

Configuring agents

Layer 3 agent

Layer 3 agent

Configuring the metadata agent

Setting up OVS

Finalizing the installation

Validating the installation

Installing on the compute node

Setting up the prerequisites

Installing packages

Initial configuration

Neutron configuration

ML2 plugin

Nova configuration

Finalizing the installation

Validating the installation

Troubleshooting Neutron

Summary

6. Building Your Portal in the Cloud

Working with Horizon

Some basic terminologies

System requirements to install Horizon

Installing Horizon

The initial configuration of Horizon

Finalizing the installation

Validating the installation

The structure of the Horizon dashboard

Troubleshooting Horizon

Understanding the Horizon log

Summary

7. Your OpenStack Cloud in Action

Gathering service requirements

Tenant and user management

GUI

Creating the project

Adding users

Associating users to the project

CLI

Creating the project

Creating the users

Associating users to the roles

Network management

Network types

Physical network

Virtual network

Tenant network

Provider network

Implementations of virtual networks

External network

Creating the network

Creating the subnet

Tenant network

Create the tenant network

Creating a subnet

Creating a router

Requesting services

Access and security

Security groups

Key pairs

Requesting your first VM

Creating a security group

Creating a key pair

Launching an instance

Using CLI tools

Generating a key pair

Requesting a server

Behind the scenes - how it all works

Creating VM templates

Installing Oz and its dependencies

RHEL/CentOS

Ubuntu

Oz templates

Creating VM templates using Oz

Uploading the image

Summary

8. Taking Your Cloud to the Next Level

Working with Heat

The components of Heat

Heat Orchestration Template (HOT)

Installing Heat

Creating the database

Installing components

The initial configuration

Creating a Heat user in Keystone

Creating additional Heat stack roles

Creating Heat services in Keystone

Creating Heat endpoints in Keystone

Modifying the configuration file

Populating the database

Finalizing the installation

Deploying your first HOT

Ceilometer

Installing Ceilometer

Installing Ceilometer on the controller node

Installing and configuring MongoDB

Creating the database

Installing packages

Initial configuration

Creating the Ceilometer user in Keystone

Creating the Ceilometer service

Creating the Ceilometer endpoint

Generating a random password

Editing the configuration files

Enabling the Glance notification

Enabling the Cinder notification

Enabling the Swift notification

Creating the ResellerAdmin role

Enabling notifications

Allowing Swift access to Ceilometer files

Finalizing the installation

Installing Ceilometer on the compute node

Installing the packages

Ceilometer-Agent-Compute

Initial configuration

Enable Nova notification

Finalizing the installation

Installing Ceilometer on the storage node

Enabling Cinder notification

Finalizing the installation

Testing the installation

Billing and usage reporting

Summary

9. Looking Ahead

OpenStack distributions

Devstack

Operating system distributions

Ubuntu OpenStack

RedHat OpenStack

Oracle OpenStack

Vendor offerings

VMware integrated OpenStack

Rackspace cloud

HP Helion

Cisco OpenStack

Mirantis OpenStack

SwiftStack

IBM Cloud manager

Suse Cloud

Other public clouds

Choosing a distribution

OpenStack in action

Enterprise Private Cloud

Service providers

Schools/Research centers

Web/SaaS providers

The roadmap

What is in it for you?

Summary

A. New Releases

The releases

Features and differences

Changes in the installation procedure

Adding the repository

The OpenStack client

Installing Keystone

Service configurations

Upgrading from Juno

Cleanup

Backup

Adding the repositories

Running the upgrade

Installing additional components

Updating the DB schema

Modifying configuration files

Restarting services

2. Module 2

1. Keystone – OpenStack Identity Service

Introduction

Installing the OpenStack Identity Service

Getting ready

How to do it...

How it works...

Configuring OpenStack Identity for SSL communication

Getting ready

How to do it...

How it works...

Creating tenants in Keystone

Getting ready

How to do it...

How it works...

Configuring roles in Keystone

Getting ready

How to do it...

How it works...

Adding users to Keystone

Getting ready

How to do it...

How it works...

Defining service endpoints

Getting ready

How to do it...

How it works...

Creating the service tenant and service users

Getting ready

How to do it...

How it works...

Configuring OpenStack Identity for LDAP Integration

Getting ready

How to do it...

How it works...

2. Glance – OpenStack Image Service

Introduction

Installing OpenStack Image Service

Getting ready

How to do it...

How it works...

See also

Configuring OpenStack Image Service with OpenStack Identity Service

Getting ready

How to do it...

How it works...

Configuring OpenStack Image Service with OpenStack Object Storage

Getting ready

How to do it...

How it works...

Managing images with OpenStack Image Service

Getting ready

How to do it...

Uploading Ubuntu images

Listing images

Viewing image details

Deleting images

Making private images public

How it works

Registering a remotely stored image

Getting ready

How to do it...

How it works...

Sharing images among tenants

Getting ready

How to do it...

How it works...

Viewing shared images

Getting ready

How to do it...

How it works...

Using image metadata

Getting ready

How to do it...

Updating image properties

Deleting all image properties

Deleting specific image properties

Using metadata for host scheduling

How it works...

See also

Migrating a VMware image

Getting ready

How to do it...

How it works...

Creating an OpenStack image

Getting ready

How to do it...

How it works...

3. Neutron – OpenStack Networking

Introduction

Installing Neutron and Open vSwitch on a dedicated network node

Getting ready…

How to do it...

How it works...

Configuring Neutron and Open vSwitch

Getting ready

How to do it...

How it works...

Installing and configuring the Neutron API service

Getting ready

How to do it...

How it works...

See Also

Creating a tenant Neutron network

Getting ready

How to do it...

How it works...

Deleting a Neutron network

Getting ready

How to do it...

How it works...

Creating an external floating IP Neutron network

Getting ready

How to do it...

How it works...

Using Neutron networks for different purposes

Getting ready

How to do it...

How it works...

Configuring Distributed Virtual Routers

Getting ready

How to do it...

Network node

The Controller Node

Compute nodes

How it works...

Using Distributed Virtual Routers

Getting ready

How to do it...

How it works...

4. Nova – OpenStack Compute

Introduction

Installing OpenStack Compute controller services

Getting ready

How to do it...

How it works...

Installing OpenStack Compute packages

Getting ready

How to do it...

How it works...

There’s more...

Using an alternative release

Configuring database services

Getting ready

How to do it...

How it works...

See also

Configuring OpenStack Compute

Getting ready

How to do it...

How it works...

There’s more...

See also

Configuring OpenStack Compute with OpenStack Identity Service

Getting ready

How to do it...

How it works...

Stopping and starting nova services

Getting ready

Controller

Compute

How to do it...

How it works...

Installation of command-line tools on Ubuntu

Getting ready

How to do it...

How it works...

See also

Using the command-line tools with HTTPS

Getting ready

How to do it...

How it works...

Checking OpenStack Compute services

Getting ready

How to do it...

How it works...

Using OpenStack Compute

Getting ready

How to do it...

How it works...

Managing security groups

Getting ready

How to do it...

Creating security groups

Removing a rule from a security group

Deleting a security group

How it works...

Defining groups and rules using Nova client

Creating and managing key pairs

Getting ready

How to do it...

Listing and deleting key pairs using Nova client

Listing the key pairs

Deleting the key pairs

How it works...

Launching our first cloud instance

Getting ready

How to do it...

How it works...

Fixing a broken instance deployment

Getting ready

How to do it...

How it works...

Terminating your instances

How to do it...

How it works...

Using live migration

Getting ready

Checking network connectivity

Ensuring resources

How to do it...

How it works...

Working with nova-schedulers

Getting ready

How to do it...

How it works...

There’s more...

Creating flavors

Getting ready

How to do it...

How it works...

Defining host aggregates

Getting ready

How to do it...

How it works...

Launching instances in specific Availability Zones

Getting ready

How to do it...

How it works...

Launching instances on specific Compute hosts

Getting ready

How to do it...

How it works...

Removing Nova nodes from a cluster

Getting ready

How to do it...

How it works...

5. Swift – OpenStack Object Storage

Introduction

Configuring Swift services and users in Keystone

Getting ready

How to do it...

How it works...

Installing OpenStack Object Storage services – proxy server

Getting ready

How to do it...

How it works...

Configuring OpenStack Object Storage – proxy server

Getting ready

How to do it...

How it works...

See also

Installing OpenStack Object Storage services – storage nodes

Getting ready

How to do it...

How it works...

Configuring physical storage for use with Swift

Getting ready

How to do it...

How it works...

Configuring Object Storage replication

Getting ready

How to do it...

How it works...

Configuring OpenStack Object Storage – storage services

Getting ready

How to do it...

How it works...

Making the Object Storage rings

Getting ready

How to do it...

How it works…

Stopping and starting OpenStack Object Storage

Getting ready

How to do it...

How it works...

Setting up SSL access

Getting ready

How to do it...

How it works...

6. Using OpenStack Object Storage

Introduction

Installing the swift client tool

Getting ready

How to do it...

How it works…

Creating containers

Getting ready

How to do it...

How it works...

Uploading objects

Getting ready

How to do it...

Uploading files

Uploading directories and their contents

Uploading multiple objects

How it works...

Uploading large objects

Getting ready

How to do it...

How it works...

Listing containers and objects

Getting ready

How to do it...

Listing all objects in a container

Listing specific object paths in a container

How it works...

Downloading objects

Getting ready

How to do it...

Downloading objects

Downloading objects with the -o parameter

Downloading all objects from a container

Downloading all objects from our OpenStack Object Storage account

How it works...

Deleting containers and objects

Getting ready

How to do it...

Deleting objects

Deleting multiple objects

Deleting containers

Deleting everything from our account

How it works...

Using OpenStack Object Storage ACLs

Getting ready

How to do it...

How it works

Using Container Synchronization between two Swift Clusters

Getting ready

How to do it...

How it works...

There's more…

7. Administering OpenStack Object Storage

Introduction

Managing the OpenStack Object Storage cluster with swift-init

Getting ready

How to do it...

How it works...

There's more…

Checking cluster health

Getting ready

How to do it...

How it works...

Managing the Swift cluster capacity

Getting ready

How to do it...

Proxy server creation

Storage node creation

How it works...

Removing nodes from a cluster

Getting ready

How to do it...

Proxy Server

How it works...

Detecting and replacing failed hard drives

Getting ready

How to do it...

Storage node

How it works...

Collecting usage statistics

Getting ready

How to do it...

How it works...

8. Cinder – OpenStack Block Storage

Introduction

Configuring Cinder-volume services

Getting ready

How to do it...

How it works...

Configuring OpenStack Compute for Cinder-volume

Getting ready

How to do it...

How it works...

Creating volumes

Getting ready

How to do it...

How it works...

Attaching volumes to an instance

Getting ready

How to do it...

How it works...

Detaching volumes from an instance

Getting ready

How to do it...

How it works...

Deleting volumes

Getting ready

How to do it...

How it works...

Configuring third-party volume services

Getting ready

How to do it...

How it works...

Working with Cinder snapshots

Getting ready

How to do it...

How it works...

Booting from volumes

Getting ready

How to do it...

How it works...

9. More OpenStack

Introduction

Using cloud-init to run post-installation commands

Getting ready

How to do it...

How it works...

There's more…

Using cloud-config to run the post-installation configuration

Getting ready

How to do it...

How it works...

There's more...

Installing OpenStack Telemetry

Getting ready

How to do it...

How it works...

Using OpenStack Telemetry to interrogate usage statistics

Getting ready

How to do it...

How it works...

Installing Neutron LBaaS

Getting ready

How to do it...

How it works...

Using Neutron LBaaS

Getting ready

How to do it...

How it works...

Configuring Neutron FWaaS

Getting ready

How to do it...

How it works...

Using Neutron FWaaS

Getting ready

How to do it...

How it works...

Installing the Heat OpenStack Orchestration service

Getting ready

How to do it...

How it works...

Using Heat to spin up instances

Getting ready

How to do it...

How it works...

10. Using the OpenStack Dashboard

Introduction

Installing OpenStack Dashboard

Getting ready

How to do it...

How it works...

Using OpenStack Dashboard for key management

Getting ready

How to do it...

Adding key pairs

Deleting key pairs

Importing key pairs

How it works...

Using OpenStack Dashboard to manage Neutron networks

Getting ready

How to do it...

Creating networks

Deleting networks

Viewing networks

How it works...

Using OpenStack Dashboard for security group management

Getting ready

How to do it...

Creating a security group

Editing security groups to add and remove rules

Deleting security groups

How it works...

Using OpenStack Dashboard to launch instances

Getting ready

How to do it...

How it works...

Using OpenStack Dashboard to terminate instances

Getting ready

How to do it...

How it works...

Using OpenStack Dashboard to connect to instances using a VNC

Getting ready

How to do it...

How it works...

Using OpenStack Dashboard to add new tenants – projects

Getting ready

How to do it...

How it works...

Using OpenStack Dashboard for user management

Getting ready

How to do it...

Adding users

Deleting users

Updating user details and passwords

Adding users to tenants

Removing users from tenants

How it works...

Using OpenStack Dashboard with LBaaS

Getting ready

How to do it...

Creating pools

Adding pool members

Adding a VIP to the Load Balancer pool

Deleting the Load Balancer

How it works...

Using OpenStack Dashboard with OpenStack Orchestration

Getting ready

How to do it...

Launching stacks

Viewing stack details

Deleting stacks

How it works...

11. Production OpenStack

Introduction

Installing the MariaDB Galera cluster

Getting ready

How to do it...

How it works...

Configuring HA Proxy for the MariaDB Galera cluster

Getting ready

How to do it...

How it works...

Configuring HA Proxy for high availability

Getting ready

How to do it...

OpenStack backend configuration using FloatingIP address

How it works...

Installing and configuring Pacemaker with Corosync

Getting ready

How to do it...

Setting up the first node – controller1

Setting up the second node – controller2

Configuring the first node – controller1

Configuring the second node – controller2

Starting the Pacemaker and Corosync services

How it works...

Configuring OpenStack services with Pacemaker and Corosync

Getting ready

How to do it...

Glance across two nodes with FloatingIP

Configuring Pacemaker for use with Glance and Keystone

How it works...

Bonding network interfaces for redundancy

Getting ready

How to do it...

How it works...

See also

Automating OpenStack installations using Ansible – host configuration

Getting ready

How to do it...

How it works...

Automating OpenStack installations using Ansible – Playbook configuration

Getting ready

How to do it...

How it works...

See also

Automating OpenStack installations using Ansible – running Playbooks

Getting ready

How to do it...

How it works...

There's more...

See also

3. Module 3

1. The Troubleshooting Toolkit

The project overview of OpenStack

Keystone

Glance

Neutron

Nova

Cinder

Swift

Heat

Ceilometer

Horizon

Oslo

Documentation

Ironic

Magnum

Trove

Barbican

Congress

Designate

The supporting technologies

Linux

Databases

Message queue

The Apache web server

Basic troubleshooting methodology and tools

General Linux tools

Linux processes

ps

pgrep

pkill

top and htop

Hard drives

df

fdisk

parted

cat /proc/partitions

Installed packages

General tools

The watch command

File tools

Message broker tools

RabbitMQ

Summary

2. Troubleshooting OpenStack Identity

Know your version

Running Keystone under Eventlet

Checking the Keystone service

Checking the Keystone client

Checking the OpenStack Client

The client debug mode

Checking the API

Keystone process not starting

Database stopped

The service catalog endpoint

Running under WSGI

mod_wsgi

wsgi-keystone.conf

Stopping the Eventlet process

Checking WSGI files

Checking the Keystone service

Summary

3. Troubleshooting the OpenStack Image Service

Glance services

Confirming the Glance database

Confirming the Glance authentication

Keystone up

Service User Set Up

The service user setup

Service endpoints correct

Confirming the Glance API setup

Checking the command-line interface client

Glance logging and configuration

The log level

Where to look

Searching logs

Common errors

Unable to establish connection

Internal server errors (HTTP 500)

Unable to validate token

Summary

4. Troubleshooting OpenStack Networking

Identifying Neutron issues

Neutron services and agents

Neutron logs

Common problems

When you can't ping an instance

Security groups

Network namespaces

No IP address

Troubleshooting tools

ovs-vsctl

The Neutron client

Summary

5. Troubleshooting OpenStack Compute

Checking the services

nova-api

Address already in use

The permission error

nova-scheduler

nova-compute

nova-conductor

Supporting services

The Nova database

Nova authentication

Keystone up

Setting up the service user

Service endpoints correct

Nova and Glance

Nova and Neutron

Summary

6. Troubleshooting OpenStack Block Storage

Cinder processes

Logging

Cinder dependencies

Keystone authentication problems

RabbitMQ problems

Cinder errors

Missing the cinder-volumes volume group

The volume stuck in the creating state

Insufficient free space

Not sending heartbeat

Summary

7. Troubleshooting OpenStack Object Storage

Swift processes

The proxy server

Swift authentication

Troubleshooting TempAuth

TempAuth configuration

The account and username

The password

400 Bad Request

Troubleshooting Swauth

Swauth initialization

Swift with Keystone

Swift users

Summary

8. Troubleshooting the OpenStack the Orchestration Service

Heat services

Running heat-api

Running heat-engine

Heat authentication

The Keystone service

Auth credentials

Heat template errors

Summary

9. Troubleshooting the OpenStack Telemetry Service

Ceilometer processes

Ceilometer authentication

Ceilometer dependencies

The message broker

Databases

The command-line client

The meter list command

Glance meters

Nova meters

The sample list

Summary

10. OpenStack Performance, Availability, and Reliability

Databases

Availability

MySQL with Galera Cluster

Postgres

Performance

MySQL

Show status

Mytop

The Mytop header section

The Mytop thread section

Percona Toolkit

Postgres

The PostgreSQL statistics collector

Database backups

Monitoring

Resource monitoring

OpenStack quotas

RabbitMQ

Clustering

Mirrored queues

Services

Monitoring service processes

Backing up services

Community resources

Testing

Bugs

Ask.openstack.org

Summary

A. Bibliography

Index