red hat forum tokyo - openstack architecture

Deploying RDO onRed Hat Enterprise LinuxDan Radez | Sr. Software Engineer, RED HAT

What is OpenStack

● Cloud/Virtualization Platform

● Designed for standard hardware

● OpenSource

Overview

Red Hat's Community OpenStack

openstack.redhat.com

PackStack: Installation

Red Hat developed OpenStack installer

Deployment options

● Interactively

● Answer file

● Quick Start

● All-in-one

Features

● Single-host install

● Multi-host install

● RHOS, RDO, EPEL


Install Defaults

● MySQL

● Qpid

● Swift Not Installed (--os-swift-install=y)

● Neutron (--os-neutron-install=n)


Install OpenStack

Killing time while PackStack works magic

Relationship between OpenStack services

Dashboard: Web Interface


● web-based interface for managing OpenStack services

● modular design for interfacing with other projects

● includes interface for all core components


Login to the Dashboard

http://192.168.122.101/

Help!

$ keystone help$ keystone help user-create$ glance help$ glance help image-create$ nova help$ nova help boot

Keystone: Identity Management


● centralized identity service

● central catalog of services

Multiple forms of authentication

● User name and password

● Token-based systems

● Amazon Web Services style logins


Login as admin

[root@control ~]# cat keystonerc_adminexport OS_USERNAME=adminexport OS_TENANT_NAME=adminexport OS_PASSWORD=5ffbe9d2a38d4a48export OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(keystone_admin)]$ "

[root@control ~]# source keystonerc_admin

[root@control ~(keystone_admin)]#


Get a token / troubleshooting auth

[root@control ~(keystone_admin)]# keystone token-get

+++| Property | Value |+++| expires | 20130607T19:22:06Z || id | e50158f737f14791ae7831c955524de2 || tenant_id | 70784578887b4468adacd92f2f376bc9 || user_id | f4270a7b46af467892173a02d9cd49d4 |+++


Add a User

[root@control ~]# keystone user-create --name radez --pass supersecretpass

id: 849616035d654b9b9a8cc38b10284a52

[root@control ~]# keystone role-create --name role1

id: 8ab4a27031084100afbafc0f95a47170

[root@control ~]# keystone tenant-create --name tenant1

Id: 427c01f33fcf4feb930f26dd550a14e0


Add a User

[root@control ~]# keystone user-role-add --user-id radez --role-id role1 --tenant-id tenant1

[root@control ~]# keystone user-list

[root@control ~]# keystone role-list

[root@control ~]# keystone tenant-list

[root@control ~]# keystone user-role-list

[root@control ~]# keystone endpoint-list


Login as user

[root@control ~]# cp keystonerc_admin keystonerc_radezexport OS_USERNAME=radezexport OS_TENANT_NAME=tenant1export OS_PASSWORD=supersecretpassexport OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(keystone_radez)]$ "

[root@control ~]# source keystonerc_radez

[root@control ~(keystone_radez)]# keystone token-get

[root@control ~(keystone_radez)]# source keystonerc_admin

[root@control ~(keystonerc_admin)]#


Add a user

Glance: Image Management


● registry for virtual machine images

● images used as templates for new servers

Add an image

[root@control ~]# glance image-create --name cirros --is-public 1 --disk-format qcow2 --container-format bare --file /mnt/cirros-0.3.0-x86_64-disk.img

id: d3d1f38e-3f2c-4f45-91e1-cb4535f62d10

[root@control ~]# glance image-list


Image Building

● Oz

● appliance-creator

● Native glance builder in the works

● Manually (launch installer, import before first boot)

Build Notes:

● Include cloudinit for post boot configuration


Add an image

Neutron: Networking

Neutron: Networking

● networking as a service

● built in modular architecture

Features

● Single or Multiple host deployment

● virtual network, subnet, and port abstractions

● Plugin architecture supports many network technologies

Neutron: Networking

Add a network

Nova: Instance Management


● manages virtual machines on nodes

● provides virtual servers on demand

Design Features

● Designed to scale horizontally

● Designed for standard hardware


Boot an instance

[root@control ~]# nova flavor-list

[root@control ~]# nova keypair-add --pub-key .ssh/id_rsa.pub mykey

[root@control ~]# nova keypair-list

mykey | 84:6e:28:d3:75:17:ab:25:4d:f3:0d:61:93:55:ee:e2

[root@control ~]# nova image-list

[root@control ~]# nova boot --flavor 1 --key_name mykey --image cirros my_instance

[root@control ~]# nova list


Boot an Instance


Communicate with the instance

[root@control ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0DEVICE=eth0BOOTPROTO=staticNM_CONTROLLED="no"ONBOOT=yesTYPE=Ethernet

[root@control ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-exDEVICE=br-exBOOTPROTO=staticIPADDR=192.168.122.101GATEWAY=192.168.122.1NETMASK=255.255.255.0NM_CONTROLLED="no"ONBOOT=no



[root@control ~]# ovs-vsctl add-port br-ex eth0 && service network restart

[root@control ~]# ovs-vsctl show Bridge br-ex

Port br-ex

Interface br-ex

type: internal

Port "eth0"

Interface "eth0"



[root@control ~]# ping 192.168.122.3

PING 192.168.122.3 (192.168.122.3) 56(84) bytes of data.64 bytes from 192.168.122.3: icmp_seq=2 ttl=63 time=0.668 ms

[root@control ~]# ssh [email protected]

The authenticity of host '192.168.122.3 (192.168.122.3)' can't be established.RSA key fingerprint is 38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7.Are you sure you want to continue connecting (yes/no)? YesWarning: Permanently added '192.168.122.3' (RSA) to the list of known hosts.

$


Allow external access

Cinder: Block Storage


● manages persistent block storage volumes

● snapshots can be taken

Create and attach a volume

[root@control ~]# cinder create 1

id: 4d6cbb1f-5873-4357-99c7-8ae0502e6de5

[root@control ~]# nova volume-attach my_instance 4d6cbb1f-5873-4357-99c7-8ae0502e6de5 auto


Mount a volume

[root@control ~]# ssh -i .ssh/id_rsa [email protected]

my_instance$ sudo -i

my_instance# mkfs.ext4 /dev/vdb

my_instance# mkdir -p /mnt/volume

my_instance# mount /dev/vdb /mnt/volume

my_instance# touch /mnt/volume/test.txt

my_instance# umount /mnt/volume

[root@control ~]# nova volume-detach my_instance 4d6cbb1f-5873-4357-99c7-8ae0502e6de5


Create, attach and mount a volume

Swift: Object Storage


Install Swift

/root/packstack-answers-20130614-091000.txt

CONFIG_SWIFT_INSTALL=n

[root@control ~]# packstack --answer-file packstack.txt

Generating a packstack answer file

[root@control ~]# packstack --gen-answer-file answers.txt


● allows users to store and retrieve files

● distributed architecture to allow for horizontal scaling

● provides redundancy as failure-proofing

● data replication is managed by software


Upload an object

[root@control ~]# swift stat

[root@control ~]# swift list

[root@control ~]# swift upload test packstack-answers.txt

[root@control ~]# swift list

[root@control ~]# swift list test

[root@control ~]# swift upload test /etc/motd

[root@control ~]# swift list test


Create a container & upload an object

Review

Resources

● RDO: openstack.redhat.com

● https://access.redhat.com/knowledge/docs/en-US/Red_Hat_OpenStack

● OpenStack.org

● TryStack.org

● Puppetlabs.com

● Djangoproject.com

● Oz: https://github.com/clalancette/oz/

● https://github.com/redhat-openstack/image-building-poc

● http://radez.fedorapeople.org/RHForum_slides1.pdf

https://github.com/redhat-openstack/image-building-poc

red hat forum tokyo - openstack architecture

Technology