Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 0986a7b760e34741d4df6f97851f6d98fec4f99c / . / doc / source / guides / multinode-lab.rst
blob: 1c532278356f95c9c664648b1ca2fc4210740b18 [file] [log] [blame]
Dean Troyer0986a7b2014-10-29 22:08:13 -0500[diff] [blame^]1==============
2Multi-Node Lab
3==============
Sean M. Collins09e550c2014-10-21 11:40:08 -0400[diff] [blame]4
5Here is OpenStack in a realistic test configuration with multiple
6physical servers.
7
8Prerequisites Linux & Network
9-----------------------------
10
11Minimal Install
12~~~~~~~~~~~~~~~
13
14You need to have a system with a fresh install of Linux. You can
15download the `Minimal
16CD <https://help.ubuntu.com/community/Installation/MinimalCD>`__ for
17Ubuntu releases since DevStack will download & install all the
18additional dependencies. The netinstall ISO is available for
19`Fedora <http://mirrors.kernel.org/fedora/releases/18/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso>`__
20and
21`CentOS/RHEL <http://mirrors.kernel.org/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-netinstall.iso>`__.
22
23Install a couple of packages to bootstrap configuration:
24
25::
26
27 apt-get install -y git sudo || yum install -y git sudo
28
29Network Configuration
30~~~~~~~~~~~~~~~~~~~~~
31
32The first iteration of the lab uses OpenStack's FlatDHCP network
33controller so only a single network will be required. It should be on
34its own subnet without DHCP; the host IPs and floating IP pool(s) will
35come out of this block. This example uses the following:
36
37- Gateway: 192.168.42.1
38- Physical nodes: 192.168.42.11-192.168.42.99
39- Floating IPs: 192.168.42.128-192.168.42.254
40
41Configure each node with a static IP. For Ubuntu edit
42``/etc/network/interfaces``:
43
44::
45
46 auto eth0
47 iface eth0 inet static
48 address 192.168.42.11
49 netmask 255.255.255.0
50 gateway 192.168.42.1
51
52For Fedora and CentOS/RHEL edit
53``/etc/sysconfig/network-scripts/ifcfg-eth0``:
54
55::
56
57 BOOTPROTO=static
58 IPADDR=192.168.42.11
59 NETMASK=255.255.255.0
60 GATEWAY=192.168.42.1
61
62Installation shake and bake
63---------------------------
64
65Add the DevStack User
66~~~~~~~~~~~~~~~~~~~~~
67
68OpenStack runs as a non-root user that has sudo access to root. There is
69nothing special about the name, we'll use ``stack`` here. Every node
70must use the same name and preferably uid. If you created a user during
71the OS install you can use it and give it sudo privileges below.
72Otherwise create the stack user:
73
74::
75
76 groupadd stack
77 useradd -g stack -s /bin/bash -d /opt/stack -m stack
78
79This user will be making many changes to your system during installation
80and operation so it needs to have sudo privileges to root without a
81password:
82
83::
84
85 echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
86
87From here on use the ``stack`` user. **Logout** and **login** as the
88``stack`` user.
89
90Set Up Ssh
91~~~~~~~~~~
92
93Set up the stack user on each node with an ssh key for access:
94
95::
96
97 mkdir ~/.ssh; chmod 700 ~/.ssh
98 echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyYjfgyPazTvGpd8OaAvtU2utL8W6gWC4JdRS1J95GhNNfQd657yO6s1AH5KYQWktcE6FO/xNUC2reEXSGC7ezy+sGO1kj9Limv5vrvNHvF1+wts0Cmyx61D2nQw35/Qz8BvpdJANL7VwP/cFI/p3yhvx2lsnjFE3hN8xRB2LtLUopUSVdBwACOVUmH2G+2BWMJDjVINd2DPqRIA4Zhy09KJ3O1Joabr0XpQL0yt/I9x8BVHdAx6l9U0tMg9dj5+tAjZvMAFfye3PJcYwwsfJoFxC8w/SLtqlFX7Ehw++8RtvomvuipLdmWCy+T9hIkl+gHYE4cS3OIqXH7f49jdJf jesse@spacey.local" > ~/.ssh/authorized_keys
99
100Download DevStack
101~~~~~~~~~~~~~~~~~
102
103Grab the latest version of DevStack:
104
105::
106
107 git clone https://git.openstack.org/openstack-dev/devstack
108 cd devstack
109
110Up to this point all of the steps apply to each node in the cluster.
111From here on there are some differences between the cluster controller
112(aka 'head node') and the compute nodes.
113
114Configure Cluster Controller
115~~~~~~~~~~~~~~~~~~~~~~~~~~~~
116
117The cluster controller runs all OpenStack services. Configure the
118cluster controller's DevStack in ``local.conf``:
119
120::
121
122 [[local|localrc]]
123 HOST_IP=192.168.42.11
124 FLAT_INTERFACE=eth0
125 FIXED_RANGE=10.4.128.0/20
126 FIXED_NETWORK_SIZE=4096
127 FLOATING_RANGE=192.168.42.128/25
128 MULTI_HOST=1
129 LOGFILE=/opt/stack/logs/stack.sh.log
130 ADMIN_PASSWORD=labstack
131 MYSQL_PASSWORD=supersecret
132 RABBIT_PASSWORD=supersecrete
133 SERVICE_PASSWORD=supersecrete
134 SERVICE_TOKEN=xyzpdqlazydog
135
136In the multi-node configuration the first 10 or so IPs in the private
137subnet are usually reserved. Add this to ``local.sh`` to have it run
138after every ``stack.sh`` run:
139
140::
141
142 for i in `seq 2 10`; do /opt/stack/nova/bin/nova-manage fixed reserve 10.4.128.$i; done
143
144Fire up OpenStack:
145
146::
147
148 ./stack.sh
149
150A stream of activity ensues. When complete you will see a summary of
151``stack.sh``'s work, including the relevant URLs, accounts and passwords
152to poke at your shiny new OpenStack. The most recent log file is
153available in ``stack.sh.log``.
154
155Configure Compute Nodes
156~~~~~~~~~~~~~~~~~~~~~~~
157
158The compute nodes only run the OpenStack worker services. For additional
159machines, create a ``local.conf`` with:
160
161::
162
Kashyap Kopparamcd1c3c72014-10-31 17:32:57 +0530[diff] [blame]163 [[local|localrc]]
Sean M. Collins09e550c2014-10-21 11:40:08 -0400[diff] [blame]164 HOST_IP=192.168.42.12 # change this per compute node
165 FLAT_INTERFACE=eth0
166 FIXED_RANGE=10.4.128.0/20
167 FIXED_NETWORK_SIZE=4096
168 FLOATING_RANGE=192.168.42.128/25
169 MULTI_HOST=1
170 LOGFILE=/opt/stack/logs/stack.sh.log
171 ADMIN_PASSWORD=labstack
172 MYSQL_PASSWORD=supersecret
173 RABBIT_PASSWORD=supersecrete
174 SERVICE_PASSWORD=supersecrete
175 SERVICE_TOKEN=xyzpdqlazydog
176 DATABASE_TYPE=mysql
177 SERVICE_HOST=192.168.42.11
178 MYSQL_HOST=192.168.42.11
179 RABBIT_HOST=192.168.42.11
180 GLANCE_HOSTPORT=192.168.42.11:9292
181 ENABLED_SERVICES=n-cpu,n-net,n-api,c-sch,c-api,c-vol
182 NOVA_VNC_ENABLED=True
183 NOVNCPROXY_URL="http://192.168.42.11:6080/vnc_auto.html"
184 VNCSERVER_LISTEN=$HOST_IP
185 VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN
186
187Fire up OpenStack:
188
189::
190
191 ./stack.sh
192
193A stream of activity ensues. When complete you will see a summary of
194``stack.sh``'s work, including the relevant URLs, accounts and passwords
195to poke at your shiny new OpenStack. The most recent log file is
196available in ``stack.sh.log``.
197
198Cleaning Up After DevStack
199~~~~~~~~~~~~~~~~~~~~~~~~~~
200
201Shutting down OpenStack is now as simple as running the included
202``unstack.sh`` script:
203
204::
205
206 ./unstack.sh
207
208A more aggressive cleanup can be performed using ``clean.sh``. It
209removes certain troublesome packages and attempts to leave the system in
210a state where changing the database or queue manager can be reliably
211performed.
212
213::
214
215 ./clean.sh
216
217Sometimes running instances are not cleaned up. DevStack attempts to do
218this when it runs but there are times it needs to still be done by hand:
219
220::
221
222 sudo rm -rf /etc/libvirt/qemu/inst*
223 sudo virsh list | grep inst | awk '{print $1}' | xargs -n1 virsh destroy
224
225Options pimp your stack
226-----------------------
227
228Additional Users
229~~~~~~~~~~~~~~~~
230
231DevStack creates two OpenStack users (``admin`` and ``demo``) and two
232tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it
233sounds like, a privileged administrative account that is a member of
234both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user
235account that is only a member of the ``demo`` tenant. Creating
236additional OpenStack users can be done through the dashboard, sometimes
237it is easier to do them in bulk from a script, especially since they get
238blown away every time ``stack.sh`` runs. The following steps are ripe
239for scripting:
240
241::
242
243 # Get admin creds
244 . openrc admin admin
245
246 # List existing tenants
247 keystone tenant-list
248
249 # List existing users
250 keystone user-list
251
252 # Add a user and tenant
253 NAME=bob
254 PASSWORD=BigSecrete
255 TENANT=$NAME
256 keystone tenant-create --name=$NAME
257 keystone user-create --name=$NAME --pass=$PASSWORD
258 keystone user-role-add --user-id=<bob-user-id> --tenant-id=<bob-tenant-id> --role-id=<member-role-id>
259 # member-role-id comes from the existing member role created by stack.sh
260 # keystone role-list
261
262Swift
263~~~~~
264
265Swift requires a significant amount of resources and is disabled by
266default in DevStack. The support in DevStack is geared toward a minimal
267installation but can be used for testing. To implement a true multi-node
268test of Swift required more than DevStack provides. Enabling it is as
269simple as enabling the ``swift`` service in ``local.conf``:
270
271::
272
273 enable_service s-proxy s-object s-container s-account
274
275Swift will put its data files in ``SWIFT_DATA_DIR`` (default
276``/opt/stack/data/swift``). The size of the data 'partition' created
277(really a loop-mounted file) is set by ``SWIFT_LOOPBACK_DISK_SIZE``. The
278Swift config files are located in ``SWIFT_CONFIG_DIR`` (default
279``/etc/swift``). All of these settings can be overridden in (wait for
280it...) ``local.conf``.
281
282Volumes
283~~~~~~~
284
285DevStack will automatically use an existing LVM volume group named
286``stack-volumes`` to store cloud-created volumes. If ``stack-volumes``
287doesn't exist, DevStack will set up a 5Gb loop-mounted file to contain
288it. This obviously limits the number and size of volumes that can be
289created inside OpenStack. The size can be overridden by setting
290``VOLUME_BACKING_FILE_SIZE`` in ``local.conf``.
291
292``stack-volumes`` can be pre-created on any physical volume supported by
293Linux's LVM. The name of the volume group can be changed by setting
294``VOLUME_GROUP`` in ``localrc``. ``stack.sh`` deletes all logical
295volumes in ``VOLUME_GROUP`` that begin with ``VOLUME_NAME_PREFIX`` as
296part of cleaning up from previous runs. It is recommended to not use the
297root volume group as ``VOLUME_GROUP``.
298
299The details of creating the volume group depends on the server hardware
300involved but looks something like this:
301
302::
303
304 pvcreate /dev/sdc
305 vgcreate stack-volumes /dev/sdc
306
307Syslog
308~~~~~~
309
310DevStack is capable of using ``rsyslog`` to aggregate logging across the
311cluster. It is off by default; to turn it on set ``SYSLOG=True`` in
312``local.conf``. ``SYSLOG_HOST`` defaults to ``HOST_IP``; on the compute
313nodes it must be set to the IP of the cluster controller to send syslog
314output there. In the example above, add this to the compute node
315``local.conf``:
316
317::
318
319 SYSLOG_HOST=192.168.42.11
320
321Using Alternate Repositories/Branches
322~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
323
324The git repositories for all of the OpenStack services are defined in
325``stackrc``. Since this file is a part of the DevStack package changes
326to it will probably be overwritten as updates are applied. Every setting
327in ``stackrc`` can be redefined in ``local.conf``.
328
329To change the repository or branch that a particular OpenStack service
330is created from, simply change the value of ``*_REPO`` or ``*_BRANCH``
331corresponding to that service.
332
333After making changes to the repository or branch, if ``RECLONE`` is not
334set in ``localrc`` it may be necessary to remove the corresponding
335directory from ``/opt/stack`` to force git to re-clone the repository.
336
337For example, to pull Nova from a proposed release candidate in the
338primary Nova repository:
339
340::
341
342 NOVA_BRANCH=rc-proposed
343
344To pull Glance from an experimental fork:
345
346::
347
348 GLANCE_BRANCH=try-something-big
349 GLANCE_REPO=https://github.com/mcuser/glance.git
350
351Notes stuff you might need to know
352----------------------------------
353
354Reset the Bridge
355~~~~~~~~~~~~~~~~
356
357How to reset the bridge configuration:
358
359::
360
361 sudo brctl delif br100 eth0.926
362 sudo ip link set dev br100 down
363 sudo brctl delbr br100
364
365Set MySQL Password
366~~~~~~~~~~~~~~~~~~
367
368If you forgot to set the root password you can do this:
369
370::
371
372 mysqladmin -u root -pnova password 'supersecret'