"Packstack으로 오픈스택 설치 실습 (2대 구성)"의 두 판 사이의 차이

2015년 11월 13일 (금) 02:46 판

✔️ VirtualBox, CentOS 7에서 테스트하였습니다.

OpenStack 설치 실습
오픈스택 설치 실습

1 호스트 전용 네트워크

용도	네트워크명	IP	서브넷 마스크
사설 네트워크	VirtualBox Host-Only Ethernet Adpater	172.25.10.1	255.255.255.0
공중 네트워크	브리지 어댑터	·	·

2 네트워크 설정

호스트명	어댑터1	어댑터 2
servera.pod1.example.com	호스트 전용 어댑터	브리지 어댑터
serverb.pod2.example.com	호스트 전용 어댑터	브리지 어댑터

3 IP 주소 예시

호스트명	lo	eth0	eth1
servera.pod1.example.com	127.0.0.1	172.25.10.10	192.168.0.100
serverb.pod1.example.com	127.0.0.1	172.25.10.11	192.168.0.101

4 서버 네트워크 설정

servera, serverb 동일한 방식으로 설정 (단, IP주소는 다름)

[root@localhost ~]# systemctl disable NetworkManager
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# systemctl status NetworkManager
NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled)
   Active: inactive (dead)

Nov 12 07:32:14 serverb.pod1.example.com systemd[1]: Stopped Network Manager.

[root@localhost ~]# ll /etc/sysconfig/network-scripts/ifcfg*
-rw-r--r--. 1 root root 102 Nov 12 07:19 /etc/sysconfig/network-scripts/ifcfg-eth0
-rw-r--r--. 1 root root 104 Nov 12 07:19 /etc/sysconfig/network-scripts/ifcfg-eth1
-rw-r--r--. 1 root root 254 Jan 15  2015 /etc/sysconfig/network-scripts/ifcfg-lo

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
IPADDR=172.25.10.10
NETMASK=255.255.255.0
GATEWAY=172.25.10.1
ONBOOT=yes

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.0.100
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
ONBOOT=yes

[root@localhost ~]# systemctl start network
[root@localhost ~]# systemctl status network
network.service - LSB: Bring up/down networking
   Loaded: loaded (/etc/rc.d/init.d/network)
   Active: active (exited) since Thu 2015-11-12 07:27:57 EST; 59s ago
  Process: 8080 ExecStop=/etc/rc.d/init.d/network stop (code=exited, status=0/SUCCESS)
  Process: 8378 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)

Nov 12 07:27:51 servera.pod1.example.com systemd[1]: Starting LSB: Bring up/down networking...
Nov 12 07:27:51 servera.pod1.example.com network[8378]: Bringing up loopback interface:  [  OK  ]
Nov 12 07:27:54 servera.pod1.example.com network[8378]: Bringing up interface eth0:  [  OK  ]
Nov 12 07:27:57 servera.pod1.example.com network[8378]: Bringing up interface eth1:  [  OK  ]
Nov 12 07:27:57 servera.pod1.example.com systemd[1]: Started LSB: Bring up/down networking.

[root@servera ~]# ip addr | grep 'inet '
    inet 127.0.0.1/8 scope host lo
    inet 172.25.10.10/24 brd 172.25.10.255 scope global eth0
    inet 192.168.0.100/24 brd 192.168.0.255 scope global eth1

5 호스트명 변경 후 재부팅

[root@localhost ~]# hostnamectl set-hostname servera.pod1.example.com
[root@localhost ~]# hostname -f
servera.pod1.example.com

[root@localhost ~]# reboot

6 서버 hosts 파일 설정

[root@servera ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.10.10 servera.pod1.example.com servera
172.25.10.11 serverb.pod1.example.com serverb

7 서버간 통신 확인

servera, serverb 둘다 동일하게 확인

ping servera -c1 | egrep 'PING|0%'
ping serverb -c1 | egrep 'PING|0%'
ping servera.pod1.example.com -c1 | egrep 'PING|0%'
ping serverb.pod1.example.com -c1 | egrep 'PING|0%'
ping 8.8.8.8 -c1 | egrep 'PING|0%'
ping time.bora.net -c1 | egrep 'PING|0%'

[root@servera ~]# ping servera -c1 | egrep 'PING|0%'
PING servera.pod1.example.com (172.25.10.10) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

[root@servera ~]# ping serverb -c1 | egrep 'PING|0%'
PING serverb.pod1.example.com (172.25.10.11) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

[root@servera ~]# ping servera.pod1.example.com -c1 | egrep 'PING|0%'
PING servera.pod1.example.com (172.25.10.10) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

[root@servera ~]# ping serverb.pod1.example.com -c1 | egrep 'PING|0%'
PING serverb.pod1.example.com (172.25.10.11) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

[root@servera ~]# ping 8.8.8.8 -c1 | egrep 'PING|0%'
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

[root@servera ~]# ping time.bora.net -c1 | egrep 'PING|0%'
PING time.bora.net (203.248.240.140) 56(84) bytes of data.
1 packets transmitted, 1 received, 0% packet loss, time 0ms

8 yum update

yum update 문서를 참고하십시오.

servera, serverb 둘다 동일하게 적용

[root@servera ~]# yum repolist
... (생략)
repo id                         repo name                         status
base/7/x86_64                   CentOS-7 - Base                   8,652
extras/7/x86_64                 CentOS-7 - Extras                   275
updates/7/x86_64                CentOS-7 - Updates                1,707
repolist: 10,634

[root@servera ~]# yum update -y
... (생략)
  xz-libs.x86_64 0:5.1.2-9alpha.el7                                     
  yum.noarch 0:3.4.3-125.el7.centos                                     
  yum-plugin-fastestmirror.noarch 0:1.1.31-29.el7                       

Replaced:
  NetworkManager.x86_64 1:0.9.9.1-13.git20140326.4dba720.el7            

Complete!

9 openstack-liberty 저장소 추가

여기부터는 servera만 적용 ★★

[root@servera ~]# yum install https://www.rdoproject.org/repos/rdo-release.rpm -y
...(생략)
Installed:
  rdo-release.noarch 0:liberty-2                                        

Complete!

[root@servera ~]# yum repolist
... (생략)
repo id                        repo name                          status
base/7/x86_64                  CentOS-7 - Base                    8,652
extras/7/x86_64                CentOS-7 - Extras                    275
openstack-liberty/x86_64       OpenStack Liberty Repository         723
updates/7/x86_64               CentOS-7 - Updates                 1,707
repolist: 11,357

10 openstack-packstack 설치

[root@servera ~]# yum install openstack-packstack -y
... (생략)
  rubygem-psych.x86_64 0:2.0.0-25.el7_1                                 
  rubygem-rdoc.noarch 0:4.0.0-25.el7_1                                  
  rubygems.noarch 0:2.0.14-25.el7_1                                     

Complete!

[root@servera ~]# packstack --version
packstack Liberty 2015.2.dev1654.gcbbf46e

11 answer 파일 생성

answer.txt 파일 생성

[root@servera ~]# packstack --gen-answer-file answer.txt
Packstack changed given value  to required value /root/.ssh/id_rsa.pub

사본 보존

[root@servera ~]# cp answer.txt answer.old

12 answer 파일 편집 #1

[root@servera ~]# vi answer.txt

...
CONFIG_DEFAULT_PASSWORD=mypw
...
CONFIG_HEAT_INSTALL=y
...
CONFIG_NTP_SERVERS=time.boar.net
...
CONFIG_KEYSTONE_ADMIN_PW=mypw
...
CONFIG_HORIZON_SSL=y
...
CONFIG_HEAT_CFN_INSTALL=y
...
CONFIG_PROVISION_DEMO=n

변경내용 확인

[root@servera ~]# diff answer.old answer.txt
11c11
< CONFIG_DEFAULT_PASSWORD=
---
> CONFIG_DEFAULT_PASSWORD=mypw
43c43
< CONFIG_HEAT_INSTALL=n
---
> CONFIG_HEAT_INSTALL=y
62c62
< CONFIG_NTP_SERVERS=
---
> CONFIG_NTP_SERVERS=time.bora.net
303c303
< CONFIG_KEYSTONE_ADMIN_PW=efdd3c010d89439c
---
> CONFIG_KEYSTONE_ADMIN_PW=mypw
1014c1014
< CONFIG_HORIZON_SSL=n
---
> CONFIG_HORIZON_SSL=y
1077c1077
< CONFIG_HEAT_CFN_INSTALL=n
---
> CONFIG_HEAT_CFN_INSTALL=y
1090c1090
< CONFIG_PROVISION_DEMO=y
---
> CONFIG_PROVISION_DEMO=n

13 answer 파일 편집 #2

172.25.10.10 (eth0)을 기준으로 설정되어야 하는데 192.168.0 (eth1)을 기준으로 설정되어 있음

[root@servera ~]# cat answer.txt | grep 192.168.0
CONFIG_CONTROLLER_HOST=192.168.0.100
CONFIG_COMPUTE_HOSTS=192.168.0.100
CONFIG_NETWORK_HOSTS=192.168.0.100
CONFIG_STORAGE_HOST=192.168.0.100
CONFIG_SAHARA_HOST=192.168.0.100
CONFIG_AMQP_HOST=192.168.0.100
CONFIG_MARIADB_HOST=192.168.0.100
CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.0.100
CONFIG_MONGODB_HOST=192.168.0.100
CONFIG_REDIS_MASTER_HOST=192.168.0.100

사본2 보존

[root@servera ~]# cp answer.txt answer.old2

IP 바꿔치기

[root@servera ~]# sed -i 's/192.168.0.100/172.25.10.10/g' answer.txt

[root@servera ~]# diff answer.old2 answer.txt
82c82
< CONFIG_CONTROLLER_HOST=192.168.0.100
---
> CONFIG_CONTROLLER_HOST=172.25.10.10
85c85
< CONFIG_COMPUTE_HOSTS=192.168.0.100
---
> CONFIG_COMPUTE_HOSTS=172.25.10.10
89c89
< CONFIG_NETWORK_HOSTS=192.168.0.100
---
> CONFIG_NETWORK_HOSTS=172.25.10.10
124c124
< CONFIG_STORAGE_HOST=192.168.0.100
---
> CONFIG_STORAGE_HOST=172.25.10.10
128c128
< CONFIG_SAHARA_HOST=192.168.0.100
---
> CONFIG_SAHARA_HOST=172.25.10.10
250c250
< CONFIG_AMQP_HOST=192.168.0.100
---
> CONFIG_AMQP_HOST=172.25.10.10
272c272
< CONFIG_MARIADB_HOST=192.168.0.100
---
> CONFIG_MARIADB_HOST=172.25.10.10
323c323
< CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.0.100
---
> CONFIG_KEYSTONE_LDAP_URL=ldap://172.25.10.10
1148c1148
< CONFIG_MONGODB_HOST=192.168.0.100
---
> CONFIG_MONGODB_HOST=172.25.10.10
1152c1152
< CONFIG_REDIS_MASTER_HOST=192.168.0.100
---
> CONFIG_REDIS_MASTER_HOST=172.25.10.10

14 answer 파일 적용

[root@servera ~]# packstack --answer-file answer.txt
Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20151112-070612-eQyGc6/openstack-setup.log

Installing:
Clean Up                                             [ DONE ]
Discovering ip protocol version                      [ DONE ]
Setting up ssh keys                                  [ DONE ]
... (생략)
Applying 172.25.10.10_nagios.pp
Applying 172.25.10.10_nagios_nrpe.pp
172.25.10.10_nagios.pp:                              [ DONE ]          
172.25.10.10_nagios_nrpe.pp:                         [ DONE ]          
Applying 172.25.10.10_postscript.pp
172.25.10.10_postscript.pp:                          [ DONE ]         
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * File /root/keystonerc_admin has been created on OpenStack client host 172.25.10.10. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://172.25.10.10/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * To use Nagios, browse to http://172.25.10.10/nagios username: nagiosadmin, password: 9f93ebcf440a49cc
 * The installation log file is available at: /var/tmp/packstack/20151112-080818-IA1k9X/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20151112-080818-IA1k9X/manifests

15 오픈스택 서비스 확인

[root@servera ~]# openstack-status
== Nova services ==
openstack-nova-api:                     active
openstack-nova-cert:                    active
openstack-nova-compute:                 active
openstack-nova-network:                 inactive  (disabled on boot)
openstack-nova-scheduler:               active
openstack-nova-conductor:               active
== Glance services ==
openstack-glance-api:                   active
openstack-glance-registry:              active
== Keystone service ==
openstack-keystone:                     inactive  (disabled on boot)
== Horizon service ==
openstack-dashboard:                    301
== neutron services ==
neutron-server:                         active
neutron-dhcp-agent:                     active
neutron-l3-agent:                       active
neutron-metadata-agent:                 active
neutron-openvswitch-agent:              active
== Swift services ==
openstack-swift-proxy:                  active
openstack-swift-account:                active
openstack-swift-container:              active
openstack-swift-object:                 active
== Cinder services ==
openstack-cinder-api:                   active
openstack-cinder-scheduler:             active
openstack-cinder-volume:                active
openstack-cinder-backup:                active
== Ceilometer services ==
openstack-ceilometer-api:               active
openstack-ceilometer-central:           active
openstack-ceilometer-compute:           active
openstack-ceilometer-collector:         active
openstack-ceilometer-alarm-notifier:    active
openstack-ceilometer-alarm-evaluator:   active
openstack-ceilometer-notification:      active
== Heat services ==
openstack-heat-api:                     active
openstack-heat-api-cfn:                 active
openstack-heat-api-cloudwatch:          inactive  (disabled on boot)
openstack-heat-engine:                  active
== Support services ==
mysqld:                                 active    (disabled on boot)
openvswitch:                            active
dbus:                                   active
target:                                 active
rabbitmq-server:                        active
memcached:                              active
== Keystone users ==
Warning keystonerc not sourced

16 브리지 네트워크 구성

ifcfg-eth0 보존 및 br-ex로 복사

[root@servera ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/
[root@servera ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br-ex

ifcfg-eth0 수정

[root@servera ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
DEVICETYPE=ovs
ONBOOT=yes
OVS_BRIDGE=br-ex
TYPE=OVSPort

ifcfg-br-ex 수정

[root@servera ~]# vi /etc/sysconfig/network-scripts/ifcfg-br-ex

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
ONBOOT=yes
BOOTPROTO=static
USERCTL=yes
IPADDR=172.25.10.10
NETMASK=255.255.255.0
GATEWAY=172.25.10.1
DNS1=8.8.8.8

확인

[root@servera ~]# ovs-vsctl show | grep Bridge
    Bridge br-int
    Bridge br-ex
    Bridge br-tun

[root@servera ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:66:75:be brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a00:27ff:fe66:75be/64 scope link 
       valid_lft forever preferred_lft forever

[root@servera ~]# ip addr show br-ex
10: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 96:0a:88:8e:a9:45 brd ff:ff:ff:ff:ff:ff
    inet 172.25.10.10/24 brd 172.25.10.255 scope global br-ex
       valid_lft forever preferred_lft forever
    inet6 fe80::940a:88ff:fe8e:a945/64 scope link 
       valid_lft forever preferred_lft forever

17 참고 자료

@@ 362번째 줄: / 362번째 줄: @@
 Setting up ssh keys                                  [ DONE ]
 ... (생략)
-Copying Puppet modules and manifests                 [ DONE ]
+Applying 172.25.10.10_nagios.pp
-Applying 192.168.0.27_prescript.pp
+Applying 172.25.10.10_nagios_nrpe.pp
-.168.0.27_prescript.pp:                           [ DONE ]
+.25.10.10_nagios.pp:                              [ DONE ]
-Applying 192.168.0.27_chrony.pp
+.25.10.10_nagios_nrpe.pp:                         [ DONE ]
-.168.0.27_chrony.pp:                           [ ERROR ]
+Applying 172.25.10.10_postscript.pp
-Applying Puppet manifests                         [ ERROR ]
+.25.10.10_postscript.pp:                          [ DONE ]
-ERROR : Error appeared during Puppet run: 192.168.0.27_chrony.pp
-Error: /usr/sbin/ntpdate time.nist.gov returned 1 instead of one of [0]
-You will find full trace in log /var/tmp/packstack/20151112-070612-eQyGc6/manifests/192.168.0.27_chrony.pp.log
-Please check log file /var/tmp/packstack/20151112-070612-eQyGc6/openstack-setup.log for more information
-Additional information:
- * NOTE : A selfsigned CA certificate was generated to be used for ssl, you should still change it do subordinate CA cert. In any case please save the contents of /root/packstackca/.
- * File /root/keystonerc_admin has been created on OpenStack client host 192.168.0.27. To use the command line tools you need to source the file.
- * NOTE : A certificate was generated to be used for ssl, You should change the ssl certificate configured in /etc/httpd/conf.d/ssl.conf on 192.168.0.27 to use a CA signed cert.
- * To access the OpenStack Dashboard browse to https://192.168.0.27/dashboard .
-Please, find your login credentials stored in the keystonerc_admin in your home directory.
- * To use Nagios, browse to http://192.168.0.27/nagios username: nagiosadmin, password: c1b3215288ce45dc
-</source>
-==오류 로그 확인==
-<source lang='cli'>
-[root@servera ~]# cat  /var/tmp/packstack/20151112-070612-eQyGc6/manifests/192.168.0.27_chrony.pp.log
-Error: NetworkManager is not running.
-Notice: Compiled catalog for servera.pod1.example.com in environment production in 0.35 seconds
-Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
-   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
-Notice: /Stage[main]/Main/Package[chrony]/ensure: created
-Notice: /Stage[main]/Main/Package[ntpdate]/ensure: created
-Notice: /Stage[main]/Main/File[chrony_conf]/content: content changed '{md5}f9b03c5e44a754c3ffd8e135a0a3b35e' to '{md5}7280ea82060233a1abbaad0d0c592845'
-Notice: /Stage[main]/Main/Exec[stop-chronyd]/returns: executed successfully
-Notice: /Stage[main]/Main/Exec[ntpdate]/returns: 12 Nov 07:15:16 ntpdate[7888]: no server suitable for synchronization found
-Error: /usr/sbin/ntpdate time.nist.gov returned 1 instead of one of [0]
-Error: /Stage[main]/Main/Exec[ntpdate]/returns: change from notrun to 0 failed: /usr/sbin/ntpdate time.nist.gov returned 1 instead of one of [0]
-Notice: /Stage[main]/Main/Service[chronyd]: Dependency Exec[ntpdate] has failures: true
-Warning: /Stage[main]/Main/Service[chronyd]: Skipping because of failed dependencies
-Notice: Finished catalog run in 37.44 seconds
-</source>
-<source lang='cli'>
-[root@servera ~]# systemctl status NetworkManager
-NetworkManager.service - Network Manager
-   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled)
-   Active: inactive (dead)
-</source>
-<source lang='cli'>
-[root@servera ~]# /usr/sbin/ntpdate time.nist.gov
-Nov 07:28:23 ntpdate[10178]: adjust time server 129.6.15.28 offset 0.449533 sec
-[root@servera ~]# echo $?
-</source>
-==재시도(성공)==
-<source lang='cli'>
-[root@servera ~]# packstack --answer-file answer.txt
-... (생략)
-Applying 192.168.0.27_postscript.pp
-.168.0.27_postscript.pp:                          [ DONE ]
 Applying Puppet manifests                            [ DONE ]
 Finalizing                                           [ DONE ]
@@ 425번째 줄: / 374번째 줄: @@
 Additional information:
-  * File /root/keystonerc_admin has been created on OpenStack client host 192.168.0.27. To use the command line tools you need to source the file.
+ * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
- * NOTE : A certificate was generated to be used for ssl, You should change the ssl certificate configured in /etc/httpd/conf.d/ssl.conf on 192.168.0.27 to use a CA signed cert.
+  * File /root/keystonerc_admin has been created on OpenStack client host 172.25.10.10. To use the command line tools you need to source the file.
-  * To access the OpenStack Dashboard browse to https://192.168.0.27/dashboard .
+  * To access the OpenStack Dashboard browse to http://172.25.10.10/dashboard .
 Please, find your login credentials stored in the keystonerc_admin in your home directory.
-  * To use Nagios, browse to http://192.168.0.27/nagios username: nagiosadmin, password: c1b3215288ce45dc
+  * To use Nagios, browse to http://172.25.10.10/nagios username: nagiosadmin, password: 9f93ebcf440a49cc
-  * The installation log file is available at: /var/tmp/packstack/20151112-072553-TRk9OV/openstack-setup.log
+  * The installation log file is available at: /var/tmp/packstack/20151112-080818-IA1k9X/openstack-setup.log
-  * The generated manifests are available at: /var/tmp/packstack/20151112-072553-TRk9OV/manifests
+  * The generated manifests are available at: /var/tmp/packstack/20151112-080818-IA1k9X/manifests
 </source>