OpenStack networking is independent service provided to help OpenStack components to communicate with each other in a sufficient way. It is named Neutron in the code. It needs access to a database to store the network configuration. As we are working with virtual machines, we come to an application called virtual switch (e.g. built-in Linux bridging and Open vSwitch) which connects virtual machines to virtual network at layer 2.
Routing and NAT is also provided by OpenStack networking service. This is achieved by using IP forwarding, iptables and network namespaces. Each network namespace has its own routing table, iptables (filtering) , and NAT. Using namespace prevents subnets overlapping between networks created by tenants. Creating a router within Neutron allows connecting instances to outside networks.
Other services provided by OpenStack networking: Loadbalancing (Client requests distribution across instances), Firewalling (security groups and firewalls), VPN (IPSec-based tunnels to remote gateways.),..
Here i’ve just started discovering OpenStack and this series of articles will be shared as usual. Lets all moved to cloud and see what we can do there for real time communications. Just pack your networking knowledge and lets see if we can gain scalability and redundancy.
I will install Red Hat OpenStack (RDO), Juno release on a single server. We can add more nodes later. My operating system is Fedora 20.
Step 0: Check Processor’s Support For Hardware Virtualization Extensions
To know the model of your processor, execute # cat /proc/cpuinfo and search for model name or execute # cat /proc/cpuinfo |grep “model name” directly. I’ve got four lines of this “model name : Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz” because i have four CPU cores with the same model “Intel”. Now to know if my processor support virtualization, i go to the Intel web site (Virtualization Page) to see if my processor is listed there. As i see it supports virtualization extensions (“Supports Intel® VT-x”). Now we can go to Step 1.
Step 1: Preparations
According to your system, you might need to do these before starting the installation:
- Increase the logical volume if it is small. Use the command “lvextend” with “-L” option.
Stop and Disable Firewalld (running by default on Fedora): This is dynamic firewalling so we disable it because we will work with iptables (static):
# systemctl stop firewalld# systemctl disable firewalld
Enable and Start iptables service:
- # service iptables save (In case the file “/etc/sysconfig/iptables” is missed)
# systemctl enable iptables# systemctl start iptables
- SELinux Status: Open the file “/etc/selinux/config” and do this:
- If “SELINUX=enforcing” change it to “SELINUX=permissive” and save the file.
- If “SELINUX=disabled” change it to “SELINUX=permissive” and save the file. Then execute “touch /.autorelabel“.
- Reboot (# reboot).
- Check the system memory: Execute: # free
Step 2: Stop & Disable The Network Manager
OpenStack networking currently does not work on systems that have the “NetworkManager”
service enabled. We need to disable the NetworkManager and replace it with the standard network service. To check the status of Network Manager, execute
# systemctl status NetworkManager
If it is running you have to stop and disable it.
# systemctl stop NetworkManager
# systemctl disable NetworkManager
Step 3: Enable & Start The Standard Network Service
The configuration files of the interfaces are exist in the folder “/etc/sysconfig/network-scripts/” and the name of each configuration file has this form “ifcfg-X” where X is the name of the interface. My interface name is “p4p2” so i must have a configuration file named as “ifcfg-p4p2”. please check the names of your interfaces and the names of the corresponding configuration files.
Now open the configuration file of each interface and check the line for interface name. For example i have this line for my interface “NAME=p4p2” in the file “ifcfg-p4p2”. To automatically make the interface activated after booting, add this line to its configuration file “ONBOOT=yes”.
Check these lines also: “BOOTPROTO=static” and “IPADDR=Your-IP-Address”. Be sure there is no number after IPADDR like IPADDR0.
Take all interfaces down. For example to take the interface p4p2 down, execute “ifdown p4p2“. Now we can start and enable the standard network service:
# systemctl enable network
# systemctl start network
Note: If the interface configuration file name is not same as the name of the interface, simply change it. The same for the interface name inside the configuration file and other parameters.
Step 4: Installing Software Repositories
First update your current packages, execute:
# yum update -y
Then install the RDO repositories, execute:
# yum install -y https://rdo.fedorapeople.org/rdo-release.rpm
Step 5: Install Packstack Installer
# yum install -y openstack-packstack
The Timeout For Puppet Exec Calls:
To avoid the timeout for Puppet exec calls, do these:
- Open the file ” /usr/lib/python2.7/site-packages/packstack/installer/run_setup.py”. Note the Python version here is 2.7 so see what you have for this path.
- Search for this line parser.add_option(“-t”, “–timeout”, default=300, help=”The timeout for puppet Exec calls”)
- Increase the default value of timeout. For example change the value to 1900 (default=1900)
Step 6: Run Packstack To Install OpenStack
# packstack –allinone
The installer will ask you to enter your SSH public key to be installed on the servers. The The public key usually found in “~/.ssh/id_rsa.pub” or “~/.ssh/id_dsa.pub” on the machine from which you will run the SSH to access your instances. You can skip this and do it later (press Enter). Then it will start to ask you some questions about the configuration of installation (modules, passwords, servers,….). One of the configuration question is this: “Do you want to run OpenStack services in debug mode [y|n] [n] : ” which i answered by “yes” because i want to discover everything. This is should not be done on deployment. Another configuration question is “Enter the network address for the floating IP subnet” which should be entered properly. The floating IP” is used to access the instance from other machines in your network.
You can change these configuration later don’t worry.
The Installation process will start like this:
Step 7: Post Installation
If the installation is completed successfully, you will get the following:
Once the installation process is completed, You can access the OpenStack Dashboard by browsing to “http://Your-IP-Address/dashboard “. Please, find your login credentials stored in the file “keystonerc_admin” in root or home directory.
You will be in this web page:
To Access the Demo Project: Find the login credentials in the file “keystonerc_demo”. Now be happy you have installed OpenStack successfully.
If you tried to log in and got this error message ” Permission denied: ‘/usr/share/openstack-dashboard/static/dashboard/js/…….js'”, do this:
- # cd /usr/share/openstack-dashboard
- # chmod -R 755 static
- # chown -R apache:apache static
The Next Article is how we run a virtual machine in OpenStack.