Monday 10 August 2020

Why OpenStack Is So Amazing

If you want a deep understanding of every major area of the computing world (OS, networking, security, web, programming), you should consider learning and studying OpenStack.
Although OpenStack still has a long way to go compared with AWS, and I am not even sure whether OpenStack will overtake AWS in the future, OpenStack is still a very good platform for study.

OpenStack is a full-stack cloud: OpenStack is a very complicated software suite with multiple components for virtualization, networking, management, web and so on. You can get an overview of the architecture and then specialise in one area.
OpenStack has good documentation and community: As an open source product, OpenStack is supported by quite a few global companies such as HP and Rackspace, as well as thousands of developers. It has lots of formal documentation as well as slides, blogs and forums. This is a key reason OpenStack is ahead of other open source cloud solutions.

Let’s enjoy OpenStack now.

Rafa XU@Sydney 
August 2014

Tuesday 2 September 2014

Typical Neutron architecture


Compute host: instance networking (A,B,C)

A: virtual NIC on the VM
B: the tap device on the VM
qbr is the Linux bridge device that connects the VM's NIC to br-int (a workaround to support OpenStack security groups)
C: attach the firewall bridge to the integration-bridge (br-int)

Compute host: integration bridge (D,E): 

The integration bridge, br-int, performs VLAN tagging and un-tagging for traffic going to and coming from your instances.
D: attach the firewall bridge to the integration-bridge (br-int)
E: attach the integration-bridge to the bridge-tunnel

Compute host: tunnel bridge (F,G)  Network host: tunnel bridge (H,I)

The tunnel bridge translates VLAN-tagged traffic from the integration bridge into GRE tunnels.

Network host: integration bridge

The integration bridge on the network controller connects instances to network services such as routers and DHCP servers. It acts like a network switch.

Network host: DHCP server (O,P):

DHCP is used to allocate and manage IP addresses.

Network host: Router (M,N):

Works as a router to the external network. A Neutron router is a network namespace with a set of routing tables and iptables rules that performs the routing between subnets.
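
The compute-host path described above (tap device, qbr firewall bridge, br-int) can be checked from `brctl show` output. This is an added example, not from the original post; it assumes the OVS hybrid naming convention in which the tap, qbr and qvb devices share the first 11 characters of the Neutron port ID, and the sample output is constructed.

```shell
#!/bin/sh
# check_firewall_bridges reads `brctl show` output on stdin and reports, for
# every qbr bridge, whether both the tap device and the qvb veth end are members.
# Returns 1 if any qbr bridge is missing one of them.
check_firewall_bridges() {
    awk '
        { iface = "" }
        NR == 1 { next }                              # column header
        NF >= 3 {                                     # row that starts a new bridge
            br = $1
            if (NF >= 4) iface = $4
            if (br ~ /^qbr/ && !(br in known)) { known[br] = 1; order[++n] = br }
        }
        NF == 1 { iface = $1 }                        # continuation row: one more member
        iface != "" && br ~ /^qbr/ { member[br, iface] = 1 }
        END {
            for (i = 1; i <= n; i++) {
                br = order[i]; id = substr(br, 4); miss = ""
                if (!((br, "tap" id) in member)) miss = miss " tap" id
                if (!((br, "qvb" id) in member)) miss = miss " qvb" id
                if (miss == "") print br ": ok"
                else { print br ": missing" miss; bad = 1 }
            }
            exit (bad + 0)
        }'
}

# Constructed `brctl show` output from a compute host (device names are made up).
SAMPLE_BRCTL='bridge name      bridge id          STP enabled  interfaces
qbr3f2a9c1e-7b   8000.aabbccddeeff  no           qvb3f2a9c1e-7b
                                                 tap3f2a9c1e-7b
qbr9d41e0aa-12   8000.112233445566  no           qvb9d41e0aa-12
virbr0           8000.000000000000  yes'

printf '%s\n' "$SAMPLE_BRCTL" | check_firewall_bridges || true
```

On a compute host the input would come from `brctl show | check_firewall_bridges`; a qbr bridge without its tap member means no instance is attached behind that port's security-group filter.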

Monday 1 September 2014

Basic Docker management commands:

- docker ps: list the Docker containers
- docker logs [container]: show the container's standard output
- docker stop [container]: stop the container
- docker start [container]: start the container
- docker version: show the Docker client and Go versions
- docker top [container]: show the container's processes
- docker rm [container]: remove the container
- docker images: list the local Docker images
- docker pull [image]: pull down a Docker image
- docker search [image]: search for a Docker image on Docker Hub
- docker run -d [image]: run a container from the image in the background (detached).

Thursday 28 August 2014

Why does the small business need cloud?


1. Saving cost for IT infrastructure
2. Quick installation and deployment
3. High performance expedition
4. Fault tolerance and disaster recovery ability
5. Fast internet access ability

Monday 18 August 2014

Manually setup all-in-one OpenStack Icehouse 3 - Glance (Image Store)


1. Package installation

apt-get install -y glance

2. Create database and credentials for Glance

In MySQL command prompt:
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance_dbpass';

3. Create glance related keystone entries

keystone user-create --name=glance --pass=glance_pass --email=glance@example.com
keystone user-role-add --user=glance --tenant=service --role=admin
keystone service-create --name=glance --type=image --description="Glance Image Service"
keystone endpoint-create --service=glance --publicurl=http://192.168.139.111:9292 --internalurl=http://192.168.139.111:9292 --adminurl=http://192.168.139.111:9292

4. Edit /etc/glance/glance-api.conf and change the following lines

Comment out:
# sqlite_db = /var/lib/glance/glance.sqlite
Add:
connection = mysql://glance:glance_dbpass@192.168.139.111/glance

[keystone_authtoken]
auth_host = 192.168.139.111
auth_port = 5000
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass

[paste_deploy]
flavor = keystone

Edit /etc/glance/glance-registry.conf and change the following lines as below
Comment out:
# sqlite_db = /var/lib/glance/glance.sqlite
Add:
connection = mysql://glance:glance_dbpass@192.168.139.111/glance

[keystone_authtoken]
auth_host = 192.168.139.111
auth_port = 5000
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass

[paste_deploy]
flavor = keystone

5. Restart Glance services and sync the database

service glance-api restart
service glance-registry restart
glance-manage db_sync

6. Download a pre-bundled image for testing

glance image-create --name Cirros --is-public true --container-format bare --disk-format qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img

7. Testing

glance index
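
The settings edited in step 4 decide whether Glance authenticates requests and how its credentials are exposed, so they are worth checking once the services are restarted. This is an added example, not from the original post; the function name audit_glance_conf and its findings are illustrative, and the sample file is constructed from the values above.

```shell
#!/bin/sh
# audit_glance_conf FILE prints one finding per line for the settings edited
# in step 4 and returns 1 if there is any finding, 0 otherwise.
audit_glance_conf() {
    conf=$1
    findings=$(awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        /^[ \t]*\[/ {                             # section header such as [paste_deploy]
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec); next
        }
        {
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            seen[sec "/" key] = val
            if (key == "sqlite_db")  sqlite = 1
            if (key == "connection") conn = val
        }
        END {
            if (sqlite) print "sqlite_db is still active"
            if (conn !~ /^mysql:\/\//) print "connection is not a mysql:// URL"
            if (seen["paste_deploy/flavor"] != "keystone")
                print "flavor is not keystone: the Keystone auth pipeline is not selected"
            if (seen["keystone_authtoken/auth_protocol"] != "https")
                print "auth_protocol is not https: admin_password and tokens cross the network in cleartext"
        }' "$conf")
    if [ -n "$(find "$conf" -perm -004)" ]; then
        findings="${findings:+$findings
}file is world-readable but holds admin_password and the DB password"
    fi
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the values from step 4 written to a scratch file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# sqlite_db = /var/lib/glance/glance.sqlite
connection = mysql://glance:glance_dbpass@192.168.139.111/glance
[keystone_authtoken]
auth_host = 192.168.139.111
auth_protocol = http
admin_password = glance_pass
[paste_deploy]
flavor = keystone
EOF
chmod 644 "$sample"
audit_glance_conf "$sample" || true
```

The same function can be pointed at /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf, since step 4 sets the same keys in both.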

Manually setup all-in-one OpenStack Icehouse 2 - keystone

1. Install the keystone package/service

Command: apt-get install -y keystone

2. Create the database and username/password

In the mysql client:
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone_dbpass';

3. Update the keystone configuration file

In /etc/keystone/keystone.conf, comment out the line:
connection = sqlite:////var/lib/keystone/keystone.db
and add the line:
connection = mysql://keystone:keystone_dbpass@192.168.139.111/keystone

4. Restart the keystone service and sync the database

service keystone restart
keystone-manage db_sync

5. Export the environment variables

export OS_SERVICE_TOKEN=ADMIN
export OS_SERVICE_ENDPOINT=http://192.168.139.111:35357/v2.0

6. Data preparation (will explain later)

#tenant, user, role and user-role
keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=service --description="Service Tenant"
keystone user-create --name=admin --pass=ADMIN --email=admin@example.com
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin
#service
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
#end point
keystone endpoint-create --service=keystone --publicurl=http://192.168.139.111:5000/v2.0 --internalurl=http://192.168.139.111:5000/v2.0 --adminurl=http://192.168.139.111:35357/v2.0

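7. Create a credentials file and source it

# clear the bootstrap token first: while it is set, the keystone client ignores the username/password below
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://192.168.139.111:35357/v2.0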

8. Testing

keystone token-get
keystone user-list



Wednesday 13 August 2014

Manually setup all-in-one OpenStack Icehouse 1 - preparation

DevStack is a cool tool for setting up an all-in-one OpenStack environment, but it hides most of the details. To better understand how each component of OpenStack is set up, here I tried to set up OpenStack Icehouse on Ubuntu 14.4 manually, following this blog.

Setup/update the environment for OpenStack Icehouse

Configure the repositories and update the packages.
Commands:
apt-get install -y python-software-properties    # provides add-apt-repository
add-apt-repository cloud-archive:icehouse        # add the Icehouse repository
apt-get install -y ntp vlan bridge-utils         # install NTP, VLAN and bridge utilities
apt-get update && apt-get -y upgrade             # update the packages and kernel
reboot                                           # reboot the server

Set up the RabbitMQ server; it seems no configuration is needed for RabbitMQ
Commands:
apt-get install -y rabbitmq-server               # install the RabbitMQ server

Set up the MySQL server, configure my.cnf and restart MySQL
Commands:
apt-get install -y mysql-server python-mysqldb
Edit the /etc/mysql/my.cnf file and add or modify the configuration below:
[mysqld]
bind-address = 0.0.0.0                # listen on all IPs
collation-server = utf8_general_ci    # set the collation
init-connect = 'SET NAMES utf8'       # character set setting
character-set-server = utf8           # character set setting
Restart MySQL:
service mysql restart

Set the following kernel parameters in /etc/sysctl.conf (IPv4 forwarding on, reverse-path filtering off):

net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0