Installing OpenStack Folsom on Debian GNU/Linux wheezy

Installing and testing OpenStack Folsom on a virgin Debian GNU/Linux wheezy takes less than one hour. A set of packages is archived to make sure it keeps working. After checking the pre-requisites such as a public and private interface, the packages are installed and debconf questions answered as instructed.
The networks must then be created with

nova-manage network create private --fixed_range_v4=10.20.0.0/16 \
  --network_size=256 --num_networks=2 --vlan=100

/etc/nova/nova.conf is updated to set vlan_interface=dummy0, public_interface=eth0 and fixed_range=10.20.0.0/16. /etc/nova/nova-compute.conf is updated to use LibvirtBridgeDriver and an instance can be booted with:

nova boot --poll --flavor m1.tiny --image cirrOS-0.3.0-x86_64 \
  --key_name loic test

Pre-requisites

In the following list of pre-requisites, the values are use throughout this HOWTO and should be replaced with values matching the target machine configuration and the intented usage.

  • 10GB: in / for the system and the logs
  • 10GB: in /var/lib/nova for instances root disks
  • 10GB: in /var/lib/glance for bootable images
  • eth0: public network interface, i.e. where public IP are bound
  • dummy0: private network interface
  • 192.168.42.1: private IP address on dummy0
  • volumes: LVM volume group dedicated to cinder

Add folsom packages

cat > /etc/apt/sources.list.d/folsom.list <<EOF
deb http://openstack.dachary.org/2013-01-13 ./
deb-src http://openstack.dachary.org/2013-01-13 ./
EOF
apt-get update

Configuring dummy0

If the bare metal machine does not have two physical network interfaces, one can be created with:

cat >> /etc/network/interfaces <<EOF
auto dummy0
iface dummy0 inet static
        address 192.168.42.1
        netmask 255.255.255.0
        network 192.168.42.0
        broadcast 192.168.42.255
EOF
ifup dummy0

Configuring the packages

The MySQL root database password is not set. When asked by debconf, return is hit and no string is typed. The answers to the other debconf questions are archived together with the questions as they show when using DEBIAN_FRONTENT=readline.

debconf-set-selections <<EOF
# Will this server be used to access remote databases?
dbconfig-common dbconfig-common/remote-questions-default        boolean true
# Keep "administrative" database passwords?
dbconfig-common dbconfig-common/remember-admin-pass     boolean yes
EOF
apt-get install -y dbconfig-common
apt-get install -y mysql-server
apt-get install -y --force-yes keystone
apt-get install -y --force-yes python-cinderclient python-glanceclient memcached rabbitmq-server ntp cinder-api cinder-scheduler glance nova-api nova-console nova-scheduler nova-xvpvncproxy openstack-dashboard-apache nova-api nova-cert nova-compute nova-compute-kvm nova-network cinder-volume iscsitarget 

Manual configuration

Networks are added to be used by tenants

nova-manage network create private --fixed_range_v4=10.20.0.0/16 --network_size=256 --num_networks=2 --vlan=100

and show with

nova-manage network list
id      IPv4                    IPv6            start address   ...
1       10.20.0.0/24            None            10.20.0.3       ...
2       10.20.1.0/24            None            10.20.1.3       ...
sed -i -e 's/^vlan_interface.*/vlan_interface=dummy0/' \
       -e 's/^#public_interface.*/public_interface=eth0/' \
       -e 's:^#fixed_range.*:fixed_range=10.20.0.0/16:' \
       /etc/nova/nova.conf
sed -i -e 's/^libvirt_vif_driver=.*/libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtBridgeDriver/' /etc/nova/nova-compute.conf
/etc/init.d/nova-compute restart
/etc/init.d/nova-api restart
/etc/init.d/nova-scheduler restart

Testing the installation

Immediately after the keystone installation, a single service is registered

keystone --token ADMIN --endpoint http://192.168.42.1:35357/v2.0/ service-list
+----------------------------------+----------+----------+---------------------------+
|                id                |   name   |   type   |        description        |
+----------------------------------+----------+----------+---------------------------+
n| cf8327d7e9934fdf98d7a9a6e6346369 | keystone | identity | Keystone Identity Service |
+----------------------------------+----------+----------+---------------------------+

The services are displayed with

# nova-manage service list
Binary           Host   Zone Status     State Updated_At
nova-cert        wheezy nova enabled    :-)    2013-01-13 22:38:20
nova-compute     wheezy nova enabled    :-)    2013-01-13 22:38:22
nova-console     wheezy nova enabled    :-)    2013-01-13 22:38:22
nova-consoleauth wheezy nova enabled    :-)    2013-01-13 22:38:22
nova-network     wheezy nova enabled    :-)    2013-01-13 22:38:15
nova-scheduler   wheezy nova enabled    :-)    2013-01-13 22:38:15

The client credential are exported with

export OS_PASSWORD=ADMIN
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_VERSION=1.1
export OS_NO_CACHE=1

An image ( bootable disk image ) is uploaded

# wget https://launchpadlibrarian.net/83305348/cirros-0.3.0-x86_64-disk.img
glance add name="cirrOS-0.3.0-x86_64" is_public=true \
 container_format=bare \
 disk_format=qcow2 < cirros-0.3.0-x86_64-disk.img

and shows with

# nova image-list
+--------------------------------------+---------------------+--------+--------+
| ID                                   | Name                | Status | Server |
+--------------------------------------+---------------------+--------+--------+
| 0fd5cd47-fdc5-4627-a962-ef0783378ca2 | cirrOS-0.3.0-x86_64 | ACTIVE |        |
+--------------------------------------+---------------------+--------+--------+

A keypair ( ssh public key ) is uploaded

# cat > loic-rsa.pub <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApKfP/I/WoSeX7MAFGpdntC56oHk0wJNn+qy0cud321yTaZRReJGQyqhoBk/sXsnqF4mOpXTf3+Ao1hQIiFazR5Fbmvk7DR0nKj8sGPV0iJB1F0+eyL+w7mgPyD8VDCw+ygCWG4ghMfeGKRAJQweO4v7rFx61UeYDxNk3roOgeuM= loic@inspiron.dachary.org
EOF
nova keypair-add --pub_key loic-rsa.pub loic

and shows with

# nova keypair-list
+------+-------------------------------------------------+
| Name | Fingerprint                                     |
+------+-------------------------------------------------+
| loic | e0:a3:ab:5f:01:54:5c:1d:19:40:d9:62:b4:b3:a1:0b |
+------+-------------------------------------------------+

An instance is created

nova boot --poll --flavor m1.tiny --image cirrOS-0.3.0-x86_64 --key_name loic test

and shows with

nova list
+--------------------------------------+------+--------+---------------------+
| ID                                   | Name | Status | Networks            |
+--------------------------------------+------+--------+---------------------+
| f70f1f97-c537-4cec-964d-75354836ec30 | test | ACTIVE | private_0=10.20.0.3 |
+--------------------------------------+------+--------+---------------------+

The default login is cirros :

ssh cirros@10.20.0.3
$

Troubleshooting

To figure out which line of code issues a message or raises an exception:

python -u -m trace --trace  /usr/bin/keystone ...

To list the debconf answers:

apt-get install debconf-utils
debconf-get-selections | grep '^keystone'

If debconf-set-selections displays error: Cannot find a question for... run:

/usr/share/debconf/fix_db.pl

To debug or fix a postinstall script, rebuild the package with:

apt-get build-dep glance
apt-get source glance
# ... edit debian/glance-common.postinst ...
( cd glance-* ; DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -uc -us )
dpkg -i glance-common*.deb

The openstack-pkg-tools provides functions used in all packages and it does not support DEBIAN_FRONTEND=noninteractive The following does not work :

AUTH_TOKEN=ADMIN # token used by services to dialog with keystone
wget -qO - http://openstack.dachary.org/2013-01-13/folsom-example-preseed.txt |
  sed -e "s/ENDPOINT_IP/$(facter ipaddress_eth0)/" \
      -e "s/PRIVATE_IP/$(facter ipaddress_dummy0)/" \
      -e "s/AUTH_TOKEN/$AUTH_TOKEN/" \
  | debconf-set-selections
export DEBIAN_FRONTEND=noninteractive

The symptom of the problem can be seen during installation when the following output shows:

error encountered determining package or command:
dbconfig-common can not determine the maintainer script running it.

folsom packages for wheezy

The pacakges used for this installation are archived and can be used with:

cat > /etc/apt/sources.list.d/folsom.list <<EOF
deb http://openstack.dachary.org/2013-01-13 ./
deb-src http://openstack.dachary.org/2013-01-13 ./
EOF

The repository was created assuming the target architecture is amd64 with

# lftp http://ftp.gplhost.com/debian/pool/
cd ok, cwd=/debian/pool
lftp ftp.gplhost.com:/debian/pool> mirror wheezy-backports
Total: 13 directories, 71 files, 0 symlinks
New: 71 files, 0 symlinks
14148861 bytes transferred in 18 seconds (788.4K/s)
lftp ftp.gplhost.com:/debian/pool> mirror openstack
Total: 41 directories, 268 files, 0 symlinks
New: 268 files, 0 symlinks
93028948 bytes transferred in 77 seconds (1.15M/s)
# rm wheezy-backports/main/*/*/*{arm,i386,powerpc,freebsd,mips,s390,sparc}*
# dpkg-scansources . /dev/null | gzip > Sources.gz
# dpkg-scanpackages . /dev/null | gzip > Packages.gz
This entry was posted in Folsom, debian, openstack. Bookmark the permalink.

4 Responses to Installing OpenStack Folsom on Debian GNU/Linux wheezy

  1. Pingback: Installing OpenStack Folsom on Debian GNU/Linux wheezy | Debian-News.net - Your one stop for news about Debian

  2. Bryan says:

    I am using your guide (http://openstack.dachary.org/2013-01-13/) to install folsom. I made a few changes one of them to include Cinder in the install. After the installation I notice that cinder-api is down and that when I try doing a cinder list I get this on the nova-api.log :

    2013-07-26 15:29:27 25336 ERROR keystone.middleware.auth_token [-] HTTP connection exception: [Errno -2] Name or service not known
    2013-07-26 15:29:27 25336 WARNING keystone.middleware.auth_token [-] Authorization failed for token aceb71f6c29847b2b5ac726c9e3cb4b6
    2013-07-26 15:29:27 25336 INFO keystone.middleware.auth_token [-] Invalid user token - rejecting request

    I traced it down to the api-paste.ini for cinder where I noticed this line
    auth_host = "192.168.42.1 "

    after removing the “” and restarting the services cinder list works fine and so does everything else. But I am bothered by these aphostrophes, I looked through the packages you are hosting and I could not find it. Any ideas? Anyways thanks for this guide.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>