Rackspace Private Cloud Software Getting Started
rackspace.com/cloud/private

Rackspace Private Cloud Software Getting Started Guide
Mar 6, 2013
v 3.0

Rackspace Private Cloud Software Getting Started Guide
v 3.0 (2013-03-06)
Copyright © 2013 Rackspace All rights reserved.

This guide is intended to assist Rackspace customers in downloading and installing Rackspace Private Cloud Software, powered by OpenStack. The document is for informational purposes only and is provided “AS IS.” RACKSPACE MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS DOCUMENT AND RESERVES THE RIGHT TO MAKE CHANGES TO SPECIFICATIONS AND PRODUCT/SERVICES DESCRIPTION AT ANY TIME WITHOUT NOTICE. RACKSPACE SERVICES OFFERINGS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS MUST TAKE FULL RESPONSIBILITY FOR APPLICATION OF ANY SERVICES MENTIONED HEREIN. EXCEPT AS SET FORTH IN RACKSPACE GENERAL TERMS AND CONDITIONS AND/OR CLOUD TERMS OF SERVICE, RACKSPACE ASSUMES NO LIABILITY WHATSOEVER, AND DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO ITS SERVICES INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.

Except as expressly provided in any written license agreement from Rackspace, the furnishing of this document does not give you any license to patents, trademarks, copyrights, or other intellectual property.

Rackspace, Rackspace logo, Fanatical Support®, and OpenCenter are either registered trademarks or trademarks of Rackspace US, Inc. in the United States and/or other countries. OpenStack is either a registered trademark or trademark of the OpenStack Foundation in the United States and/or other countries. Third-party trademarks and tradenames appearing in this document are the property of their respective owners. Such third-party trademarks have been printed in caps or initial caps and are used for referential purposes only.
We do not intend our use or display of other companies’ tradenames, trademarks, or service marks to imply a relationship with, or endorsement or sponsorship of us by, these other companies.

License Information

OpenCenter™ is Copyright 2013 by Rackspace US, Inc. OpenCenter is licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. This version of OpenCenter includes Rackspace trademarks and logos, and in accordance with Section 6 of the License, the provision of commercial support services in conjunction with a version of OpenCenter which includes Rackspace trademarks and logos is prohibited. OpenCenter source code and details are available at: https://github.com/rcbops/ or upon written request. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 and a copy, including this notice, is available in the LICENSE.TXT file accompanying this software. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Table of Contents

1. Overview
   Intended Audience
   Document Change History
   Additional Resources
   Contact Rackspace
2. About Rackspace Private Cloud Software
   What is Rackspace Private Cloud Software?
   About OpenCenter™
   The Rackspace Private Cloud Configuration
      Supported OpenStack Features
      Unsupported OpenStack Features
   Rackspace Private Cloud Support
3. Installation Prerequisites and Concepts
   Hardware Requirements
      OpenCenter and Chef Server Requirements
      Cluster Node Requirements
      Deploying OpenCenter in an All-VM Environment
   Software Requirements
   Network Requirements
      Preparing For the Installation
      Node Access Considerations
      Instance Access Considerations
   High Availability Concepts
   Availability Zone Concepts
4. Installing Rackspace Private Cloud Software
   Prepare the Nodes
   Install OpenCenter Server, Agent, and User Interface
      Install OpenCenter Server
      Install the OpenCenter User Interface
      Install OpenCenter Agent
   Verify Environment
   Access the Operator GUI
   Create Chef Server
   Create a Nova Cluster
      Upload Glance Images
      Configure Cluster for High Availability
      Create Additional Availability Zones
      Evacuating a Host
   Troubleshooting the Installation
5. Installing Rackspace Private Cloud Software on a Single Device with Virtual Machines
   Prepare the Device and VMs
   Create the OpenCenter Environment
6. Accessing the Cloud
   Accessing the Controller Node
   Accessing the Dashboard
      Restoring the Default OpenStack Dashboard
      Using Your Logo In the OpenStack Dashboard
   Accessing the Graphite Monitoring Tool
   OpenStack Client Utilities
   Viewing and Setting Environment Variables
7. Creating an Instance in the Cloud
   Image Management
   Create a Project
   Generate an SSH Keypair
   Update the Default Security Group
   Create an Instance
   Accessing the Instance
      Logging In to the Instance
      Accessing the Instance By SSH on the Compute Node
      Managing Floating IP Addresses
   What's next?
8. Configuring OpenStack Image Storage
   Local File Storage
   Rackspace Cloud Files
   Swift Storage
9. Glossary of Terms

1. Overview

Rackspace has developed Rackspace Private Cloud Software, a fast, free, and easy way to deploy a Rackspace Private Cloud powered by OpenStack in any data center. Rackspace Private Cloud Software is suitable for anyone who wants to install a stable, tested, and supportable OpenStack private cloud, and can be used for all scenarios from initial evaluations to production deployments.

Rackspace Private Cloud Software v 3.0 supports the Folsom release of OpenStack.

Intended Audience

This guide is intended for anyone who wants to deploy an OpenStack-powered cloud that has been tested and optimized by the OpenStack experts at Rackspace. This document includes an overview of Rackspace Private Cloud Software and instructions for downloading and deploying Rackspace Private Cloud Software in the data center of your choice.
To use the product and this document, you should have prior knowledge of OpenStack and cloud computing, basic Linux administration skills, and a side of bacon. :)

Document Change History

This version of the Rackspace Private Cloud Software Getting Started Guide replaces and obsoletes all previous versions. The most recent changes are described in the table below:

Revision Date        Summary of Changes
August 15, 2012      • Release of Rackspace Private Cloud Software v 1.0.
November 15, 2012    • Release of Rackspace Private Cloud Software v 2.0.
                     • Added information about Folsom implementation, OpenStack Block Storage, changing the Horizon dashboard, proxy settings, changing rate limits, updating the cookbooks, and configuring OpenStack Image Storage to use Rackspace Cloud Files.
March 6, 2013        • Release of Rackspace Private Cloud Software v 3.0.
                     • OpenCenter deployment and management framework introduced.

Additional Resources

• Rackspace Private Cloud Software Knowledge Center
• OpenStack Manuals
• OpenStack API Reference
• OpenStack - Nova Developer Documentation
• OpenStack - Glance Developer Documentation
• OpenStack - Keystone Developer Documentation
• OpenStack - Horizon Developer Documentation
• OpenStack - Cinder Developer Documentation

Contact Rackspace

For more information about sales and support, contact us at <[email protected]>.

For feedback on the product and the documentation, contact us at <[email protected]>. For the documentation, you can also leave a comment at the Knowledge Center.

For more troubleshooting information and user discussion, you can also inquire at the Rackspace Private Cloud Support Forum at the following URL: https://privatecloudforums.rackspace.com

2. About Rackspace Private Cloud Software

This chapter describes the Rackspace Private Cloud configuration and support offerings.

What is Rackspace Private Cloud Software?

Rackspace Private Cloud Software enables users to quickly deploy an OpenStack cluster configured according to the recommendations of Rackspace OpenStack specialists, using the OpenCenter deployment and management framework.

Previous versions of Rackspace Private Cloud Software were packaged in an ISO that contained a full Ubuntu OS and a Chef server running on a virtual machine. While the ISO was a convenient and simple package, it did not allow a deployment at scale. The user also had no choice of host operating system, and a Chef server running on a virtual machine was resource-intensive.

Rackspace Private Cloud Software now implements a new deployment approach that enables users to create an OpenStack cluster on Ubuntu, CentOS, or RHEL, and create a dedicated server for Chef. The new version uses install scripts to install Debian or RPM packages on servers, creating a more traditional application experience for the Linux system administrator. It also offers a framework that is capable of being updated without downloading and deploying a whole new ISO.

About OpenCenter™

OpenCenter enables cloud administrators to manage the architecture of their OpenStack private cloud through a GUI, command line interface (CLI), or API. With OpenCenter, you can perform the following tasks:

• Create a Chef server that will manage multiple OpenStack nodes.
• Deploy Controller nodes and hypervisors directly to Ubuntu, CentOS, or RHEL servers or virtual machines.
• Deploy and manage an OpenStack cluster in an environment.
• Enable high availability.

OpenCenter is compatible with the following operating systems:

• Ubuntu 12.04
• CentOS 6.3
• RHEL 6.3 or 6.4

OpenCenter has three components:

• OpenCenter Server: The server manages the OpenCenter environment.
• OpenCenter Agent: The agent is installed on each node that will be managed by OpenCenter.
• OpenCenter GUI: A web interface for using OpenCenter.

Note: Rackspace recommends that you run OpenCenter behind a firewall, as it is not considered secure at this time.

The Rackspace Private Cloud Configuration

Rackspace Private Cloud Software v 3.0 uses the Folsom release of OpenStack, and includes Compute (Nova), Image Service (Glance), Dashboard (Horizon), and Identity (Keystone). Virtual Network Service (Quantum) is not supported at this time.

Supported OpenStack Features

Rackspace supports integration with the other components of OpenStack, as well as features such as floating IP address management, security groups, availability zones, and the python-novaclient command line client.

The following OpenStack features are also supported in OpenStack clusters deployed with OpenCenter:

• Single and dual NIC configurations
• NFS and iSCSI file storage as backing stores for VM storage
• VNC Proxy
• KVM hypervisor
• Nova Multi Scheduler instead of Filter Scheduler
• Keystone integrated authentication
• Glance integrated image service
• Horizon dashboard
• Linux and Windows guests to the extent to which they accept handoff from KVM and boot
• Single metadata server running on each device
• Cloud management through OpenStack APIs
• High availability for all Nova service components and APIs, Cinder, and Keystone, as well as the scheduler, rabbitmq, and mysql.

The following OpenStack features are not deployed with OpenCenter, but can be manually configured with Rackspace Private Cloud Software Chef cookbooks:

• Cinder block storage service, documented in Rackspace Private Cloud Software: OpenStack Block Storage
• Swift object storage service, documented in Rackspace Private Cloud Software: OpenStack Object Storage

Rackspace Private Cloud Software also supports the use of Rackspace Cloud Files as a backend for OpenStack Image Storage.

Unsupported OpenStack Features

The following features are not supported:

• Nova object store
• Nova volumes
• Boot-from-volume for guest VMs
• Clustered file system solutions
• xpvnc
• Xen and other hypervisors
• Centralized metadata servers
• Any other OpenStack project, extension or configuration not explicitly listed in the supported features or installed components sections

Rackspace Private Cloud Software is an evolving product and we will continue to develop and enhance it.

Rackspace Private Cloud Support

Rackspace Private Cloud Software is offered primarily as a "do it yourself" package, free of charge. You can also access the Rackspace Private Cloud Support Forum, a Rackspace-provided user forum, at the following URL: https://privatecloudforums.rackspace.com

The forum is open to all Rackspace Private Cloud users and is moderated and maintained by Rackspace personnel and OpenStack specialists.

Rackspace offers 365x24x7 support for Rackspace Private Cloud Software. If you are interested in purchasing Rackspace Private Cloud Escalation Support or Core Support, or you plan to install on more than 20 nodes, please email us at <[email protected]>.

3. Installation Prerequisites and Concepts

This chapter discusses the prerequisites for installing Rackspace Private Cloud Software.

Hardware Requirements

Rackspace has tested two hardware-based scenarios for Rackspace Private Cloud Software deployment, with different hardware requirements.

• A physical device for each required node: an OpenCenter server, a Chef server, an OpenStack Nova Controller node, and additional physical machines with OpenStack Nova Compute nodes as required.
• One physical device with VMs configured for the OpenCenter Server and Chef server, and the OpenStack Nova Controller node installed on the host, and additional physical machines for the OpenStack Nova Compute nodes as required. For information about this configuration, refer to "Installing OpenCenter in a Virtual Machine Configuration".

OpenCenter and Chef Server Requirements

Rackspace recommends that the OpenCenter server meets the following minimum requirements:

• 8 GB RAM
• 144 GB disk space
• Dual socket CPU with dual core. A dual socket CPU with a hex core (for a total of 6-12 cores) will provide better performance.

The Chef server hardware should meet the following requirements:

• 16 GB RAM
• 144 GB disk space
• Dual socket CPU with dual core, or single socket quad core

Cluster Node Requirements

Each node in the cluster will have the OpenCenter agent installed on it. The hardware requirements vary depending on the purpose of the node. Each device should support VT-x. Refer to the following table for detailed requirements.

Node Type          Requirements
Nova Controller    • 16 GB RAM
                   • 144 GB disk space
                   • Dual socket CPU with dual core, or single socket quad core
Nova Compute       • 32 GB RAM
                   • 144 GB disk space
                   • Dual socket CPU with dual core, or single socket quad core

CPU overcommit is set at 16:1 VCPUs to cores, and memory overcommit is set to 1.5:1. Each physical core can support up to 16 virtual cores; for example, one dual-core processor can support up to 32 virtual cores. If you require more virtual cores, adjust your sizing appropriately.

Deploying OpenCenter in an All-VM Environment

For testing purposes, it is also possible to deploy Rackspace Private Cloud Software on a group of virtual machines, such as a group of Rackspace Cloud Servers.
The virtual machines should meet specifications similar to the standard hardware specifications, though it is possible for the Chef server, Controller, and Compute nodes to be as small as 8 GB if you are only doing proof-of-concept tests.

Software Requirements

The device on which OpenCenter Server is installed and all OpenCenter-managed devices must be using one of the following operating systems:

• Ubuntu 12.04
• CentOS 6.3
• RHEL 6.3 or 6.4

The GUI package can also be installed on OS X.

Network Requirements

Internet access is required to complete the installation, so ensure that the devices that you use have internet access to download the installation files.

Rackspace Private Cloud Software creates a FlatDHCP network in multi_host mode, in which nova-network software is installed and configured on each server that is running nova-compute. Further conceptual information about Flat DHCP networking is available in the OpenStack Compute Administration Manual. Refer to the following topics:

• Configuring flat DHCP networking
• Libvirt Flat DHCP Networking

Preparing For the Installation

Before you begin, have the following networking information prepared and available:

• The Nova public network in CIDR format.
• The Nova public network interface (such as eth0).
• The Nova VM network bridge (such as br100).
• Optional NAT exclusion CIDR range or ranges for networks configured with a DMZ.
• The name of the Nova cluster.
• A password for an admin OpenStack user.
• Nova management network address in CIDR format.
• The interface of the VM network for the Compute nodes (such as eth1).
• The name of the default availability zone.
• The VM network CIDR range.
• The Nova internal network CIDR range that you want to assign to each Controller and Compute node.

Node Access Considerations

All nodes within the OpenCenter environment must be able to access one another.
Provided that the nodes on which the agent is installed have outbound connectivity to the OpenCenter server, the nodes can be physically located anywhere. All communication between the server and agent runs from the agent to the server.

Currently, if you delete the agent from a node, you will have to manually delete the node from the server with the opencentercli node delete command in the command line interface.

Instance Access Considerations

By default, the instances that you create in the OpenStack cluster can only be publicly accessed via NAT by assigning floating IP addresses to them. Before you assign a floating IP address to an instance, you must have a pool of addresses to choose from. Your network security team must provision an address range and assign it to your environment. These addresses need to be publicly accessible. Floating IP addresses are not specified during the installation process; once the Controller node is operational, you can add them with the nova-manage floating create --ip_range command. Refer to "Managing Floating IP Addresses".

You can also make the instances accessible to other hosts in the network by default by configuring the cloud with a network DMZ. The network DMZ range cannot be the same as the nova fixed network range. Specifying a DMZ enables NAT-free network traffic between the virtual machine instances and resources outside of the nova fixed network. For example, if the nova fixed network is 10.1.0.0/16 and you specify a DMZ of 172.16.0.1/12, any devices or hosts in that range will be able to communicate with the instances on the nova fixed network.

To use the DMZ, you must have at least two NICs on the deployment servers. One NIC must be dedicated to the VM instances.
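
The range arithmetic behind the DMZ rule above, as an added example that is not part of the guide: a POSIX shell pre-flight check for the fixed-network and DMZ CIDR values collected before installation. It is stricter than the guide's stated rule (any overlap between the two ranges is reported as a conflict, not only identical ranges), and the function names are illustrative.

```shell
#!/bin/sh
# Added example, not part of the Rackspace guide. Function names are illustrative.

# Convert a dotted-quad IPv4 address to an integer; fail on malformed input.
ip_to_int() (
    set -f                                   # no globbing while splitting
    case $1 in *.) exit 1 ;; esac            # a trailing dot would be silently dropped
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    n=0
    for o in "$@"; do
        # Reject empty, non-numeric, zero-padded or over-long octets.
        case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
        n=$(( $n * 256 + $o ))
    done
    echo "$n"
)

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print "first last" (as integers) for a CIDR block, masking off any host bits.
cidr_bounds() (
    addr=${1%/*}; prefix=${1##*/}
    [ "$addr" != "$1" ] || exit 1            # no "/prefix" part
    case $prefix in ''|*[!0-9]*|0?*|???*) exit 1 ;; esac
    [ "$prefix" -le 32 ] || exit 1
    ip=$(ip_to_int "$addr") || exit 1
    size=$(( 1 << (32 - $prefix) ))
    first=$(( $ip - $ip % $size ))
    echo "$first $(( $first + $size - 1 ))"
)

# Print the block as "first-last" in dotted-quad form.
cidr_range() (
    b=$(cidr_bounds "$1") || exit 1
    echo "$(int_to_ip "${b% *}")-$(int_to_ip "${b#* }")"
)

# Exit 0 if the address part has host bits set (for example 172.16.0.1/12).
cidr_host_bits_set() (
    b=$(cidr_bounds "$1") || exit 2
    ip=$(ip_to_int "${1%/*}") || exit 2
    [ "$ip" -ne "${b% *}" ]
)

# Exit 0 if two CIDR blocks share any address, 1 if disjoint, 2 if invalid.
cidrs_overlap() (
    a=$(cidr_bounds "$1") || exit 2
    b=$(cidr_bounds "$2") || exit 2
    [ "${a% *}" -le "${b#* }" ] && [ "${b% *}" -le "${a#* }" ]
)

# Report on a planned nova fixed network and DMZ; exit 1 on overlap, 2 on bad input.
check_network_plan() (
    fixed=$1; dmz=$2; rc=0
    for c in "$fixed" "$dmz"; do
        if ! r=$(cidr_range "$c"); then
            echo "ERROR: $c is not a valid IPv4 CIDR"; exit 2
        fi
        echo "$c covers $r"
        if cidr_host_bits_set "$c"; then
            echo "NOTE: $c has host bits set; the network is ${r%-*}/${c##*/}"
        fi
    done
    if cidrs_overlap "$fixed" "$dmz"; then
        echo "CONFLICT: DMZ $dmz overlaps nova fixed network $fixed"; rc=1
    fi
    exit $rc
)

# The guide's own example values: fixed network, then DMZ.
check_network_plan 10.1.0.0/16 172.16.0.1/12
```

Run against the guide's example values, the check reports that the two ranges are disjoint and that 172.16.0.1/12 denotes the whole block 172.16.0.0 to 172.31.255.255.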

High Availability Concepts

Rackspace Private Cloud Software has the ability to implement support for high availability for all Nova service components and APIs, Cinder, Keystone, and Glance, as well as the scheduler, rabbitmq, and mysql. HA functionality is powered by Keepalived and HAProxy.

High Availability is implemented when you create two Controller nodes in a Nova cluster. When the second node is created, it discovers the IP address of the first node and begins replication; in turn, when Chef client runs on the first node, it discovers the second and begins replication.

Availability Zone Concepts

Availability zones enable you to manage and isolate different nodes within the environment. For example, you may want to isolate different sets of Compute nodes to provide different resources to customers. If one availability zone experiences downtime, other zones in the cluster will not be affected.

When you create a Nova cluster with OpenCenter, it is created with a default availability zone, and all Compute nodes will be assigned to that zone. You can create additional availability zones within the cluster as needed.

4. Installing Rackspace Private Cloud Software

This chapter discusses the process for installing Rackspace Private Cloud Software and using OpenCenter to deploy an OpenStack cluster.

Prepare the Nodes

Each node in the OpenCenter environment must have Ubuntu 12.04, CentOS 6.3, or RHEL 6.3 or 6.4 installed. Before you begin, ensure that the OS is up to date on the devices. Log into each device and run the appropriate update for the OS and the package manager.

Install OpenCenter Server, Agent, and User Interface

Your OpenCenter environment must have an OpenCenter server and have the OpenCenter agent installed on every node that will be managed by the server, and you must install the GUI component to manage the environment through the GUI.

You must install the server first. Agent installations in the environment will ping the server and indicate that they are available for further configuration.

Instead of the ISO that was used in previous versions, installation is now performed via a curl command that launches an installation script. The script downloads the packages from packages.opencenter.rackspace.com and uses the packages to install the OpenCenter components.

Install OpenCenter Server

Execute the following curl command on the device that will become the OpenCenter server:

$ curl -s -L http://sh.opencenter.rackspace.com/install.sh | \
    sudo bash -s server

When the installation is complete, you will receive a confirmation message indicating that OpenCenter server has been installed correctly. You will also receive a message notifying you of where you can find the default server admin user name and password, which you will use to log into the dashboard and set the endpoint environment variable in the CLI. If you need to change the username and password, you will also need to edit the agent endpoint with the new username and password.

Before you can use the CLI, you must set the OPENCENTER_ENDPOINT variable in your environment. You will need the admin username and password from the server installation. Run the following command:

$ export OPENCENTER_ENDPOINT=https://<admin>:<password>@localhost:8443

If you change the admin username and password in the OpenCenter configuration file, you will need to set your endpoint environment variable again.

At this time you can run the opencentercli node list command to view the current node configuration.

$ opencentercli node list
id |name          |task |adventure |attrs |facts                         |
---|--------------|-----|----------|------|------------------------------|
1  |workspace     |None |None      |{}    |{u'backends': [u'container... |
2  |unprovisioned |None |None      |{}    |{u'parent_id': 1, u'backen... |
3  |support       |None |None      |{}    |{u'parent_id': 1, u'backen... |

By default, the OpenCenter server is created with three nodes:

• workspace: The "master" parent container for the OpenCenter environment.
• unprovisioned: The parent container for all nodes that have the OpenCenter agent installed, but that have not been assigned a role yet.
• support: The parent container for all nodes that are used to maintain the OpenCenter environment infrastructure and for external resources. The Chef server is automatically assigned to the support node as soon as it is configured.

You will need the IP address of the OpenCenter server to proceed with the installation of the OpenCenter agent. This can be obtained with the ifconfig command.

Install the OpenCenter User Interface

You can install the OpenCenter GUI on any device from which you want to manage your environment, but first you should install it on the server node. When the OpenCenter server installation is complete, execute the following curl command on the server node:

$ curl -s -L http://sh.opencenter.rackspace.com/install.sh | \
    sudo bash -s dashboard <OpenCenter-server-IP>

You can now use your web browser to access the OpenCenter GUI via the IP address of the device on which you installed the GUI. For example, if you installed it on a server with the IP address 192.0.2.0, you would access the GUI via browser at https://192.0.2.0:443

Log in with the username and password from the server installation.
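
One way to run install.sh for any of its roles (server, dashboard, agent) without piping it straight from the network into a root shell, as an added example that is not part of the guide: save the script once, review it, record its SHA-256, and have each node check that digest before executing it. The function names and the DRY_RUN variable are illustrative, and because the guide publishes no digest, the pinned value is the one recorded from your own reviewed copy.

```shell
#!/bin/sh
# Added example, not part of the Rackspace guide. Function names and DRY_RUN
# are illustrative. Workflow:
#   1. On one host, save the script instead of piping it:
#        curl -s -L -o install.sh http://sh.opencenter.rackspace.com/install.sh
#   2. Review install.sh, then record the output of: installer_digest install.sh
#   3. On every node, run the saved script only through run_installer.

# Print the SHA-256 digest of a saved installer.
installer_digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# Succeed only if the file is non-empty and matches the pinned digest.
verify_installer() {
    [ -s "$1" ] || return 1
    [ "$(installer_digest "$1")" = "$2" ]
}

# Usage: run_installer <script> <pinned-sha256> <server|dashboard|agent> [server-ip]
# Exit 0 on success, 1 if the digest check fails, 2 on a usage error.
run_installer() (
    [ $# -ge 3 ] || { echo "usage: run_installer <script> <sha256> <role> [ip]" >&2; exit 2; }
    script=$1; pinned=$2
    shift 2
    case $1 in
        server|dashboard|agent) ;;
        *) echo "unknown role: $1" >&2; exit 2 ;;
    esac
    # Verify and execute a private copy so the file cannot change in between.
    tmp=$(mktemp) || exit 1
    trap 'rm -f "$tmp"' EXIT
    if ! cat "$script" > "$tmp" 2>/dev/null || ! verify_installer "$tmp" "$pinned"; then
        echo "refusing to run $script: digest differs from the reviewed copy" >&2
        exit 1
    fi
    if [ -n "${DRY_RUN:-}" ]; then
        echo "would run: sudo bash -s $* < $script"
    else
        # Same invocation as the guide, with stdin fed from the verified copy.
        sudo bash -s "$@" < "$tmp"
    fi
)

# Demo on a constructed stand-in file (not the real install.sh), dry run only.
# 192.0.2.10 is a constructed documentation address.
demo=$(mktemp)
printf 'echo "constructed stand-in installer, role=$1"\n' > "$demo"
pin=$(installer_digest "$demo")
DRY_RUN=1 run_installer "$demo" "$pin" agent 192.0.2.10
echo '# unreviewed change' >> "$demo"
DRY_RUN=1 run_installer "$demo" "$pin" agent 192.0.2.10 || echo "blocked as expected"
rm -f "$demo"
```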

Install OpenCenter Agent

Run the following curl command on each node that will be managed with OpenCenter:

$ curl -s -L http://sh.opencenter.rackspace.com/install.sh | \
    sudo bash -s agent <OpenCenter-server-IP>

When the installation is complete, you will receive a confirmation message indicating that OpenCenter agent has been installed correctly. You will receive a message notifying you of the current agent endpoint settings, incorporating the username and password from the server installation. You will need to change these settings if you change the OpenCenter admin username and password.

Repeat this process on each node.

Verify Environment

After the agent has been installed on each managed server, you can verify the environment either via GUI or the CLI. To view the GUI, simply use your web browser to access the GUI as described in "Install the OpenCenter User Interface".

To use the CLI, run the opencentercli node list command on the OpenCenter server to view the OpenCenter environment. The newly configured nodes will appear in the list. The node names are the names that were assigned when you originally installed and configured the operating system on those nodes.

$ opencentercli node list
id |name          |task |adventure |attrs |facts              |
---|--------------|-----|----------|------|-------------------|
1  |workspace     |None |None      |{...} |{u'backends': ...  |
2  |unprovisioned |None |None      |{...} |{u'parent_id': ... |
3  |support       |None |None      |{...} |{u'parent_id': ... |
4  |chef-server   |None |None      |{...} |{u'parent_id': ... |
5  |controller    |None |None      |{...} |{u'parent_id': ... |
6  |compute       |None |None      |{...} |{u'parent_id': ... |

Access the Operator GUI

When you first log into the GUI, you will see a collection of available nodes, as well as the OpenCenter server in the Service Nodes container. Your environment is now ready for configuration.
By clicking on the cog icon next to a section or node name, you can perform the actions available to that node. The following table describes the features and containers of the operator GUI.

Feature/Container   Description

Workspace           • The overview of the OpenCenter environment.

Available Nodes     • Each node on which the OpenCenter agent has been installed but which has not been configured will appear in this section.

Service Nodes       • Contains the nodes that manage the environment.
                    • The OpenCenter server will be included in this container. Do not attempt to move it out of this container.
                    • When the Chef server is created, it will be added to this section.

NovaCluster         • Does not appear until after you have created a Chef server and created a Nova cluster.
                    • NovaCluster is the default name; you can edit it when you create the cluster.
                    • When created, contains two sub-containers:
                      • An Infrastructure container, where the Controller node is located.
                      • A Compute container, where the availability zones and Compute nodes are located.

Create Chef Server

The first node that you will create is a Chef server, which is required to manage the OpenStack nodes. Do not create more than one Chef server in your environment. Follow these steps to use OpenCenter to create a Chef server.

1. Select an available node and click on the cog icon.
2. In the drop-down menu that appears, select Install Chef Server.

The Chef server installation will take about five minutes. In the Tasks pane (hidden by default at the bottom of the UI), the system will stream a log to show the status of the installation, and you can also monitor the progress by logging into the node and using the tail -f command to monitor /var/log/opencenter/trans_N.log.

When the installation is complete, the new Chef server will appear in the Service Nodes group.
You can also view the Chef server management console in your browser at https://chef-server-ip-address. Most users will not need to use this feature, but in the event that you do, refer to the Opscode Chef Management Console documentation for more information about the management console.

At any time, you can download the latest cookbooks, but this is done automatically during the installation process. If in the future you want to ensure that you have the latest cookbooks, follow this procedure.

1. Click on the cog icon on the Chef server node.
2. In the drop-down menu that appears, select Download Chef Cookbooks.

The Chef server will download the latest cookbooks. You can monitor the progress by logging into the node and using the tail -f command to monitor /var/log/opencenter/trans_N.log.

Note: The Subscribe Cookbook Channel option is reserved for future use.

Create a Nova Cluster

To use OpenStack in your environment, you need to create a Nova cluster and move one or more available nodes into the cluster.

1. At the top of the Workspace, click on the cog icon. In the drop-down menu that appears, select Create Nova Cluster.
2. In the dialog box, enter your network environment information:
   • The Nova public network in CIDR format.
   • The Nova public network interface (such as eth0).
   • The Nova VM network bridge (such as br100).
   • Optional NAT exclusion CIDR range or ranges for networks configured with a DMZ.
   • The name of the Nova cluster.
   • A password for an admin OpenStack user.
   • Nova management network address in CIDR format.
   • The interface of the VM network for the Compute nodes (such as eth1).
   • The name of the default availability zone.
   • The VM network CIDR range.
   • The Nova internal network CIDR range that you want to assign to each Controller and Compute node.

The OpenCenter server will run for a few minutes.
When the process is complete, the Nova cluster container will appear in the workspace. It will include an Infrastructure container, a Compute container, and an AZ Nova (availability zone) container.

3. Select and drag an available node into the Infrastructure container. OpenCenter installs Chef client on the node and then runs Chef to apply the hacontroller1 role to the node. This role ensures that Nova infrastructure services are deployed, including mysql, Horizon, and rabbitmq. This process takes about 10-15 minutes. In the Tasks pane (hidden by default at the bottom of the UI), the system will stream a log to show the status of the installation, and you can also monitor the progress by logging into the node and using the tail -f command to monitor /var/log/opencenter/trans_N.log.
4. When the Controller deployment is complete, you can drag another available node into the AZ Nova container. OpenCenter installs Chef client on the node and then runs Chef to apply the singlecompute role to the node. This process takes about 5-10 minutes.

Generally a Nova cluster will have one Controller and one or more Compute nodes. However, you may want to configure more Controllers for high availability or scalability.

Upload Glance Images

To upload a set of disk images to Glance, click on the cog for the Controller node and select Upload Glance Images.

Configure Cluster for High Availability

You can configure more than one Controller for high availability by adding a second Controller node to the Nova cluster. Follow these steps to configure the cluster for High Availability.

1. Create Nova cluster.
2. Drag first infrastructure node into Infrastructure Container.
3. Click on the cog icon in the Infrastructure container and select Enable HA Infrastructure.
You will be prompted to enter three IP addresses which must be part of the Nova public network range:
   • Nova API VIP: the failover IP that all OpenStack APIs will listen to
   • MySQL VIP: the failover IP that MySQL will listen to
   • RabbitMQ VIP: the failover IP that RabbitMQ will listen to
4. Drag second infrastructure node into Infrastructure Container.

OpenCenter will apply the appropriate roles enabling HA to the original Controller and to the new node.

Create Additional Availability Zones

To create another availability zone, click on the cog for the Compute container and select Create Availability Zone. You will be prompted to provide a name for the new zone. It takes a few minutes for the system to create the new zone; when it is ready, you can drag available nodes to the new availability zone to create more Compute nodes within it.

Evacuating a Host

OpenCenter enables you to evacuate Compute nodes, a process in which all instances hosted on a node will be moved to another node in the same availability zone and the node itself will be returned to an available state. To evacuate a host, click on the cog next to its name in the Compute/Availability Zone container and select Evacuate Host.

Troubleshooting the Installation

If the installation is unsuccessful, it may be due to one of the following issues.

• The node does not have access to the Internet. The installation process requires Internet access to download installation files, so ensure that the address for the nodes provides that access and that the proxy information that you entered is correct. You should also ensure that the nodes have access to a DNS server.
• Your network firewall is preventing Internet access. Ensure the IP address that you assign to the Controller is available through the network firewall.
For more troubleshooting information and user discussion, you can also inquire at the Rackspace Private Cloud Support Forum at the following URL: https://privatecloudforums.rackspace.com

5. Installing Rackspace Private Cloud Software on a Single Device with Virtual Machines

This chapter discusses the process for installing Rackspace Private Cloud Software in a configuration where OpenCenter server and Chef server are installed on VMs hosted on a single device.

Prepare the Device and VMs

The device should have Ubuntu 12.04, CentOS 6.3, or RHEL 6.3 or 6.4 installed on it and should meet the following requirements:

• 32 GB RAM
• 144 GB disk space
• Single or dual socket CPU with a hex core (for a total of 6-12 cores)

You will need to install KVM on the device and create two guest VMs. Refer to the KVM documentation for detailed instructions for:

• installing and configuring KVM
• creating a guest disk image
• installing a guest operating system
• running a newly-installed guest

Create two guests and install Ubuntu 12.04, CentOS 6.3, or RHEL 6.3 or 6.4 on them. Ensure that the OS is up to date on the devices.

When the installation process is complete, you will have a host device with two guest VMs, as depicted in the following diagram. In this example, the device is named hostcontroller, and the VMs are opencenter-vm and chef-vm.

Create the OpenCenter Environment

You can install OpenCenter with the package or script method, as documented in "Installing Rackspace Private Cloud Software". Perform the installation in the following stages.

1. Log into one of the two VMs and install OpenCenter Server.
2. Install the OpenCenter UI on the same VM as the OpenCenter server.
3. Log into the second VM and install OpenCenter Agent.
4. Log into the host device and install OpenCenter Agent.
5. Log in to the UI or use the CLI to view the available nodes. The second VM and the host device should appear as available unprovisioned nodes, as in the following example:

    $ opencentercli node list
    id |name            |task |adventure |attrs |facts              |
    ---|----------------|-----|----------|------|-------------------|
    1  |workspace       |None |None      |{...} |{u'backends': ...  |
    2  |unprovisioned   |None |None      |{...} |{u'parent_id': ... |
    3  |support         |None |None      |{...} |{u'parent_id': ... |
    4  |chef-vm         |None |None      |{...} |{u'parent_id': ... |
    5  |host-controller |None |None      |{...} |{u'parent_id': ... |

6. With the operator GUI or the CLI on the OpenCenter server, deploy Chef server on the second VM. (In this example, that would be chef-vm.)
7. When the Chef server is successfully deployed, create a Nova cluster in the OpenCenter environment.
8. When the Nova cluster is ready, assign the host device (in this example, hostcontroller) to the Nova cluster as a Controller node.

You now have an OpenCenter environment deployed on a single device. You can now install the OpenCenter agent on other devices or VMs in the network to create Compute nodes and proceed with using your OpenStack cluster.

6. Accessing the Cloud

This chapter describes the methods you will use to access your cloud. You should be familiar with the contents of this section before attempting to create an instance or perform other configuration and maintenance tasks.

Accessing the Controller Node

Rackspace Private Cloud Software also installs the OpenStack client utilities necessary to use the cloud. You can access these features through the command line interface on the Controller node. To use them, log in to the Controller node via SSH as root. You can now run the following commands.
    $ source .novarc
    $ nova flavor-list

You should see output similar to the following:

    +----+-----------+-----------+------+-----------+------+-------+-------------+
    | ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor |
    +----+-----------+-----------+------+-----------+------+-------+-------------+
    | 1  | m1.tiny   | 512       | 0    | 0         |      | 1     | 1.0         |
    | 2  | m1.small  | 2048      | 10   | 20        |      | 1     | 1.0         |
    | 3  | m1.medium | 4096      | 10   | 40        |      | 2     | 1.0         |
    | 4  | m1.large  | 8192      | 10   | 80        |      | 4     | 1.0         |
    | 5  | m1.xlarge | 16384     | 10   | 160       |      | 8     | 1.0         |
    +----+-----------+-----------+------+-----------+------+-------+-------------+

This is a list of "flavors", different disk sizes that you can assign to images, and is an example of the information that you can access through the python-novaclient command line client.

You can also view the status of the Controller and Compute nodes and the nova components active on each while logged in as the root user.

    $ nova-manage service list

You should see output similar to the following:

    Binary           Host      Zone  Status   State  Updated_At
    nova-scheduler   ctrl      nova  enabled  :-)    2012-08-02 14:51:34
    nova-consoleauth ctrl      nova  enabled  :-)    2012-08-02 14:51:41
    nova-network     compute1  nova  enabled  :-)    2012-08-02 14:51:39
    nova-compute     compute1  nova  enabled  :-)    2012-08-02 14:51:35

You can also view logs with the tail command. For example, to view nova.log, execute the following command:

    $ tail /var/log/nova/nova.log

All logs are available in the /var/log/ directory and its subdirectories.

Accessing the Dashboard

In addition to the command line, you can use your web browser to access the Controller host. You can use the hostname or the IP address of the Controller node. You should see the OpenStack dashboard (Horizon) login page. Log in with the OpenStack username admin and the OpenStack admin password that you created during the Nova cluster creation.
When the login is successful, you can configure additional users, create and manage images, and launch instances.

Restoring the Default OpenStack Dashboard

Clusters created with Rackspace Private Cloud Software will have a Rackspace-customized dashboard with a similar look and feel to the Rackspace Public Cloud dashboard. If you need to restore the default OpenStack dashboard, follow this procedure.

1. Log into the Controller node with root access.
2. Issue the following command to edit the environment file.

    $ knife environment edit rpcs

3. In the Horizon section of the file, change theme: "Rackspace" to theme: "default".
4. Run chef-client to commit the change.

    $ chef-client

When you reload the dashboard in your web browser, it will now use the default OpenStack style. To revert to the Rackspace theme, follow the same procedure and change the theme: value to "Rackspace".

You can also use a single knife command to execute the change.

    $ knife exec -E '@e=Chef::Environment.load("rpcs"); \
        a=@e.default_attributes; a["horizon"]["theme"]="default"; \
        @e.default_attributes(a); @e.save'

To revert the theme, execute the same knife command, substituting "Rackspace" for "default".

Using Your Logo In the OpenStack Dashboard

After you have switched to the OpenStack default dashboard, you can customize it by adding your own logo.

1. Create a transparent PNG of your logo, sized to fit within a 200-pixel wide by 160-pixel tall space.
2. Name the file logo.png.
3. Save logo.png in the following location:

    /usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/img/logo.png

4. If you have not already done so, switch to root access with sudo -i.
5. Open style.css for editing with nano.

    $ nano /usr/share/openstack-dashboard/openstack_dashboard/static/dashboard/css/style.css

6. Press Ctrl+w and search for: h1.brand.
7. Replace the entire h1.brand rule with the following:

    h1.brand a {
        background: url(../img/logo.png) center center no-repeat;
        display: block;
        height: 160px;
        text-indent: -9999px;
        margin: 25px auto;
    }

8. Press Ctrl+X; then press Y to commit the change.
9. Press Return to save style.css and exit the editor.

Accessing the Graphite Monitoring Tool

The cluster can be monitored via the Graphite monitoring tool. To access the Graphite dashboard, use the IP address for your Controller node and port 8080, as in the following example:

    http://192.0.2.0:8080

Graphite allows you to access a wide range of cluster data, and allows you to create custom charts according to your environment's needs. Threshold monitoring is provided by the monit tool, which provides basic threshold monitoring and alerts.

For more information about Graphite, refer to the Graphite wiki. For more information about monit, refer to the monit web site.

OpenStack Client Utilities

The OpenStack client utilities are a convenient way to interact with OpenStack from the command line from your own workstation, without being directly logged in to the Controller node. The client utilities for Python are available via PyPI and can be installed on most Linux systems with Python available via pip install python-novaclient and pip install python-glanceclient. For more information, refer to the following links.

• python-novaclient
• Setting up python-novaclient
• python-glanceclient
• OpenStack Glance CLI Guide

Note: The clients are maintained by the community and should be considered software in development. When in doubt, refer to the internal client help for more information.

A command line client is also available for OpenStack Block Storage (Cinder). For more information about Cinder, refer to Configuring OpenStack Block Storage.
Viewing and Setting Environment Variables

The environment variables set in the .novarc file are used by the OpenStack clients to provide the information necessary to authenticate to your cloud. When you are logged into the Controller node as root, you can view the .novarc file.

Caution: Be careful with the information contained in .novarc. This file contains administrative credentials by default. This file should not be edited, since it is automatically maintained by chef.

If you want to connect to the OpenStack installation via python-novaclient or other command line clients, you must add environment variables to your local environment. The easiest way to capture environment variables is to download them from the dashboard.

1. Log into the dashboard.
2. In the upper right corner, click Settings.
3. In the navigation panel, select OpenStack Credentials.
4. Select the project for which you want to download the environment variables and click Download RC file.
5. After you have saved the file, open a local terminal and execute the command source openrc to add the environment variables to your local environment.

The contents of the openrc.sh file are as follows:

    #!/bin/bash

    # With the addition of Keystone, to use an openstack cloud you should
    # authenticate against keystone, which returns a **Token** and **Service
    # Catalog**. The catalog contains the endpoint for all services the
    # user/tenant has access to - including nova, glance, keystone, swift.
    #
    # *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We
    # will use the 1.1 *compute api*
    export OS_AUTH_URL=http://controller_node_url:5000/v2.0

    # With the addition of Keystone we have standardized on the term **tenant**
    # as the entity that owns the resources.
    export OS_TENANT_ID=tenant_id
    export OS_TENANT_NAME=tenant_name

    # In addition to the owning entity (tenant), openstack stores the entity
    # performing the action as the **user**.
    export OS_USERNAME=username

    # With Keystone you pass the keystone password.
    echo "Please enter your OpenStack Password: "
    read -s OS_PASSWORD_INPUT
    export OS_PASSWORD=$OS_PASSWORD_INPUT

7. Creating an Instance in the Cloud

OpenStack administration is documented in detail in the OpenStack Compute Administration Manual. In this section, we discuss key tasks you should perform that will allow you to launch instances. Refer to the official OpenStack documentation for more information.

For these tasks, you must be logged in to the Dashboard as the admin user. These tasks can also be performed on the command line; some tasks require you to be logged into the controller via SSH, and some can be performed via python-novaclient on the controller or on a workstation. You should also be familiar with the material documented in "Accessing the Cloud".

Note: Nova volumes are not supported in Rackspace Private Cloud Software. For block storage, refer to the instructions for configuring OpenStack Block Storage.

Image Management

For more information about downloading and creating additional images, refer to the following OpenStack documentation.

• Getting virtual machine images
• Creating a Linux Image - Ubuntu & Fedora
• Using the Glance CLI Tool

Images can only be added on the command line with the glance image-create command; the Dashboard does not have any image functionality. You can use glance image-create when logged into the controller node, or if you have Glance client installed on your local workstation and have configured your environment with administrative user access to the controller.
In the following example, the user has a virtual disk image in qcow2 format stored on the local file system at /tmp/images/test-image.img. When the image is imported, it will be named "Test Image" and will be public to any Glance user with access to the controller.

    $ glance image-create --name "Test Image" --is-public true \
        --container-format bare --disk-format qcow2 < /tmp/images/test-image.img

If the image is successfully added, Glance will return a confirmation similar to the following:

    Added new image with ID: 85a0a926-d3e5-4a22-a062-f9c78ed7a2c0

More information is available via the command glance help add.

Create a Project

You must create a project before you can launch an instance. A demo project is available by default, but if you want to create your own project, follow this procedure.

1. Ensure that the Admin tab in the navigation panel is in view, and select Projects.
2. Click Create New Project.
3. On the Project Info tab on the Add Project dialog, enter the name and a brief description, and ensure that the Enabled option is selected.
4. On the Project Members tab, add users to the project to grant them access to the project. Click the user name in the All Users column to add them to the Project Members column. Typically, when configuring your first project, these will be the admin user and the demo user that you created during the installation process (not to be confused with the operating system user). When prompted for a role for the user, you may wish to assign the admin role to the admin user and the member role to the demo user. Refer to the OpenStack Keystone documentation for information about customizing roles.
5. You may also need to modify quotas, which create limits for the number of VCPUs that the project can contain, the number of instances that can be created, and more. On the Quotas tab, modify the quotas as needed and click Update Quota to save your changes.
6. The new project will appear in the Projects table.

Your project is now ready for additional configuration. Log out as the administrator and log in as the demo user before proceeding. When logged in, ensure that the project is selected in the navigation bar.

Adding a project with the command line

On the command line, projects are managed when logged in as root with nova-manage. For example, to create a project named Marketing that would be administered by user jdoe, you would use sudo -i to switch to root and execute the following command:

    $ nova-manage project add Marketing jdoe

Generate an SSH Keypair

Keypairs provide secure authentication to an instance, and will enable you to create instances securely and to log into the instance afterward. Keypairs are generated separately for each project and assigned to instances at time of creation. You can create as many keypairs in a project as you like.

1. With your project selected in the navigation panel, select Access and Security.
2. Under Keypairs, click Create Keypair.
3. In the Create Keypair dialog, enter the name for the keypair.
4. You will be prompted to save the keypair .pem file.

Generating a keypair with the command line

On the command line, keypairs are managed with nova keypair-* commands in python-novaclient. When generating a keypair, you must have your OS_USERNAME and OS_TENANT_NAME configured in your environment to ensure that you have access to the correct project. Our user jdoe, after configuring their environment, would then issue the following command to generate a keypair:

    $ nova keypair-add jdoe-keypair

The client will generate a block of RSA Private Key text, which the user copies and saves to a file called jdoe-keypair.pem.

Update the Default Security Group

A Security Group is a named set of rules that get applied to the incoming packets for the instances.
Packets that match the parameters of the rules are given access to the instance; all other packets are blocked. At minimum, you should ensure that the default security group permits ping and SSH access. You may edit the default security group or add additional security groups as your security settings require.

1. With your project selected in the navigation panel, open the Access & Security page.
2. In the Security Groups table, click Edit Rules in the default security group row.
3. In the Edit Security Group Rules dialog box, enable SSH access by entering the following values:
   • IP Protocol: TCP
   • From Port: 22
   • To Port: 22
   • Source Group: CIDR
   • CIDR: you may leave it as 0.0.0.0/0 if you want to enable access from all networks, or you may enter a specific network, such as 192.0.2.0/24.
4. Click Add Rule.

You will receive a confirmation message at the top of the Dashboard window that the new rule was added to the default security group. To enable ping, repeat the procedure with a protocol of ICMP, type of -1, and code of -1.

Managing security groups with the command line

On the command line, security groups are managed with nova secgroup-* commands in python-novaclient.
To add the ping and SSH rules to the default security group, issue the following commands:

    $ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
    $ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

Use nova secgroup-list-rules to view the updated default security group rules:

    $ nova secgroup-list-rules default
    +-------------+-----------+---------+-----------+--------------+
    | IP Protocol | From Port | To Port | IP Range  | Source Group |
    +-------------+-----------+---------+-----------+--------------+
    | icmp        | -1        | -1      | 0.0.0.0/0 |              |
    | tcp         | 22        | 22      | 0.0.0.0/0 |              |
    +-------------+-----------+---------+-----------+--------------+

Create an Instance

Before you can create an instance, you must have already generated a keypair and updated the default security group. The project in which you want to create the instance should be in focus on the dashboard.

1. With your project selected in the navigation panel, open the Images & Snapshots page.
2. Locate the image from which you want to create the instance in the Images table and click Launch. For example, to create an Ubuntu 12.04 image, select a precise image.
3. On the Details tab of the Launch Instances dialog, enter the following information:
   • Instance Source: Specify whether the instance will be based on an image or a snapshot. Your first instance will not have any snapshots available yet.
   • Image: The image that the instance will be based on. This option will be labeled as Snapshot when Snapshot is selected as the Instance Source.
   • Instance Name: The name of the instance. You might choose a name like my-instance.
   • Flavor: The VCPU configuration. Note that instances with larger flavors can take a long time to create. If you are creating an instance for the first time and want something small with which to test, select m1.small.
   • Instance Count: Accept the default value of 1.
If you wanted to create multiple instances with this configuration, you could enter an integer up to the number permitted by your quota, which is 10 by default.
4. On the Access and Security tab, select the keypair that you created earlier. You must assign a keypair when generating an Ubuntu image. Accept the default security group.
5. On the Volume Options tab, you can choose to launch the instance with a storage volume attached. This should only be done when you have a Block Storage volume created; for your first instance, select Don't boot from a volume.
6. On the Post-Creation tab, you can add customization scripts. Some instances support user data, such as root passwords or admin users. If you have the information available, you may enter it here.
7. Click Launch.

The Instances and Volumes page will open, with the new instance creation in process. The process should take less than a minute to complete, after which the instance status will be listed as Active. You may need to refresh the page.

Launching an instance with the command line

On the command line, image creation is managed with the nova boot command. Before you can launch an image, you need to determine what images and flavors are available to create a new instance.
    $ nova image-list
    +--------------------------+----------------------------+--------+--------+
    | ID                       | Name                       | Status | Server |
    +--------------------------+----------------------------+--------+--------+
    | 033c0027-[ID truncated]  | cirros-image               | ACTIVE |        |
    | 0ccfc8c4-[ID truncated]  | My Image 2                 | ACTIVE |        |
    | 85a0a926-[ID truncated]  | precise-image              | ACTIVE |        |
    +--------------------------+----------------------------+--------+--------+

    $ nova flavor-list
    +----+-----------+-----------+------+-----------+------+-------+-------------+
    | ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor |
    +----+-----------+-----------+------+-----------+------+-------+-------------+
    | 1  | m1.tiny   | 512       | 0    | 0         |      | 1     | 1.0         |
    | 2  | m1.small  | 2048      | 10   | 20        |      | 1     | 1.0         |
    | 3  | m1.medium | 4096      | 10   | 40        |      | 2     | 1.0         |
    | 4  | m1.large  | 8192      | 10   | 80        |      | 4     | 1.0         |
    | 5  | m1.xlarge | 16384     | 10   | 160       |      | 8     | 1.0         |
    +----+-----------+-----------+------+-----------+------+-------+-------------+

In the following example, an instance is launched with an image called precise-image. It uses the m1.small flavor with an ID of 2, and is named markets-test.
$ nova boot --image precise-image --flavor="2" markets-test +-------------------------------------+--------------------------------------+ | Property | Value | +-------------------------------------+--------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-SRV-ATTR:host | None | | OS-EXT-SRV-ATTR:hypervisor_hostname | None | | OS-EXT-SRV-ATTR:instance_name | instance-0000000d | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | accessIPv4 | | | accessIPv6 | | | adminPass | ATSEfRY9fZPx | | config_drive | | | created | 2012-08-02T15:43:46Z | | flavor | m1.small | | hostId | | | id | 5bf46a3b-084c-4ce1-b06f-e460e875075b | | image | precise-image | | key_name | | | metadata | {} | | name | markets-test | | progress | 0 | | status | BUILD | | tenant_id | b4769145977045e2a9279c842b09be6a | | updated | 2012-08-02T15:43:46Z | | user_id | 5f2f2c28bdc844f9845251290b524e80 | +-------------------------------------+--------------------------------------+ You can also view the newly-created instance at the command line with nova list. $ nova list +------------------+--------------+--------+-------------------+ | ID | Name | Status | Networks | +------------------+--------------+--------+-------------------+ | [ID truncated] | markets-test | ACTIVE | public=192.0.2.0 | +------------------+--------------+--------+-------------------+ Accessing the Instance All instances exist on a nova network that is not accessible by other hosts by default. There are various ways to access an instance. In all cases, be sure that you have updated the default security group. • If you added a DMZ range during installation, you can access the instance via SSH from other hosts within the DMZ. • Log in through the VNC console on the dashboard. On the Instances & Volumes page, select VNC from the drop-down menu in the Instances table. 
  If the console does not respond to keyboard input, click the grey bar at the top of the console window. For best results, you should be running the dashboard on a Firefox browser with Flash installed.
• Connect by SSH to the address that you assigned to the compute node, and connect to the instance by SSH while logged in to the compute node. Refer to "Accessing the Instance By SSH on the Compute Node".
• Assign a floating IP address to the instance and connect to that IP address by SSH. Refer to "Managing Floating IP Addresses".

Logging In to the Instance

The login for each instance is determined by the configuration of the image from which it was created. Rackspace Private Cloud Software comes with a CIRROS image and an Ubuntu 12.04 (Precise) image.

• CIRROS: Log in with the username cirros and the password cubswin:).
• Ubuntu 12.04 Precise: Log in with the user ubuntu and the SSH key that you specified for the instance during the instance creation process. The key must be present on the host from which you are connecting to the instance, and you must log in with the key name and the -i flag. In the following example, the keypair file is named jdoe-keypair.pem.

    $ ssh -i jdoe-keypair.pem 192.0.2.0

For instances launched from other images, log in with the credentials defined in the image.

Accessing the Instance By SSH on the Compute Node

Before you begin, you should know the IP addresses of your compute node or nodes.

1. If you have one compute node, go on to Step 2. If you have more than one compute node, log into the controller node, use sudo -i to switch to root, and execute the following command to identify the compute node on which the instance is stored.

    $ nova-manage vm list | grep instance_name

   The output generated will include the following information, where N is the number of the compute node. Compute nodes will be numbered in the order in which you added them.

    instance_name computeN m1.small active 2012-08-13 00:42:53

2. Connect to the compute node via SSH and use the OS login credentials that you created during install. In this example, the compute node's IP address is 192.0.2.0 and the OS login is jdoe. You will be prompted for the password.

    $ ssh 192.0.2.0 -l jdoe

3. Once you are logged in, verify that you can ping the instance. In this example, the instance's IP address is 198.51.100.0.

    $ ping 198.51.100.0
    PING 198.51.100.0 (198.51.100.0) 56(84) bytes of data.
    64 bytes from 198.51.100.0: icmp_req=1 ttl=64 time=0.394 ms
    64 bytes from 198.51.100.0: icmp_req=2 ttl=64 time=0.266 ms
    64 bytes from 198.51.100.0: icmp_req=3 ttl=64 time=0.285 ms

4. Copy the *.pem keypair file associated with the instance to the compute node.

5. Connect to the instance via SSH.

    $ ssh 198.51.100.0

   If the login requires an SSH key, log in with the key name and the -i flag. In this example, the keypair file is named jdoe-keypair.pem.

    $ ssh -i jdoe-keypair.pem 198.51.100.0

Managing Floating IP Addresses

Before you assign a floating IP address to an instance, you must have a pool of addresses to choose from. Your network security team must provision an address range and assign it to your environment. These addresses need to be publicly accessible.

Note: If your cloud is hosted in a Rackspace data center and you require more floating IP addresses, contact your Rackspace support representative for assistance.

Follow this procedure to create a pool of floating IP addresses, allocate an address to a project, and assign it to an instance.

1. Log into the controller node and use sudo -i to switch to root.
   Execute the following command, substituting the CIDR of the address range that was provisioned by your network security team for the value of --ip_range:

    $ nova-manage floating create --ip_range=xxx.xxx.xxx.xxx/xx

   This creates the pool of floating IP addresses, which will be available to all projects on the host. You can now allocate a floating IP address and assign it to an instance in the dashboard.

2. Open the Access & Security page.

3. Click Allocate IP to Project above the Floating IPs table.

4. In the Allocate Floating IP dialog box, accept the default (typically Floating) in the Pool drop-down menu and click Allocate IP. You will receive a confirmation message that a floating IP address has been allocated to the project, and the IP address will appear in the Floating IPs table. This reserves the address for the project, but does not immediately associate that address with an instance.

5. In the row for the IP address, click Associate IP.

6. In the Manage Floating IP Associations dialog, ensure that the allocated IP address is selected and select the instance from the Instance menu. Click Associate. You will receive a confirmation message that the IP has been associated with the instance. The instance ID will now appear in the Floating IPs table, associated with the IP address. It may be a few minutes before the IP address is included on the Instances table on the Instances & Volumes page.

Once the IP address assignment is completed, you can access the instance from any Internet-enabled host by using SSH to access the newly-assigned floating IP. See "Logging In to the Instance" for more information.

Managing floating IP addresses with the command line

Allocation and assignment of floating IP addresses is managed with the nova floating-ip* commands. In this example, the IP address is first allocated to the Marketing project with the nova floating-ip-create command.

    $ nova floating-ip-create marketing

The floating IP address has been reserved for the Marketing project, and can now be associated with an instance with the nova add-floating-ip command. For this example, we'll associate this IP address with the instance markets-test.

    $ nova add-floating-ip markets-test 203.0.113.0

After the command is complete, you can confirm that the IP address has been associated with the nova floating-ip-list and nova list commands.

    $ nova floating-ip-list
    +-------------+--------------------------------------+-----------+------+
    | Ip          | Instance Id                          | Fixed Ip  | Pool |
    +-------------+--------------------------------------+-----------+------+
    | 203.0.113.0 | 542235df-8ba4-4d08-90c9-b79f5a77c04f | 192.0.2.0 | nova |
    +-------------+--------------------------------------+-----------+------+

    $ nova list
    +------------------+--------------+--------+---------------------------------+
    | ID               | Name         | Status | Networks                        |
    +------------------+--------------+--------+---------------------------------+
    | [ID truncated]   | markets-test | ACTIVE | public=[network IP addresses]   |
    +------------------+--------------+--------+---------------------------------+

The first table shows that 203.0.113.0 is now associated with the markets-test instance ID, and the second table shows the IP address included under markets-test's public IP addresses.

What's next?

Congratulations! You have created a project and launched your first instance in your Rackspace Private Cloud Software-created cluster. You can now use your OpenStack environment for any purpose you like.

If you're a more advanced user and are comfortable with APIs, OpenStack API documentation is available in the OpenStack API Documentation library.
The following documents are a good place to start:

• OpenStack API Quick Start
• Programming OpenStack Compute API
• OpenStack Compute Developer Guide

You may want to purchase Escalation Support or Core Software Support for your cloud or take advantage of our training offerings. Contact us at <[email protected]> for more information.

And please come join your fellow Rackspace Private Cloud users on our customer forums.

https://privatecloudforums.rackspace.com

Welcome aboard!

8. Configuring OpenStack Image Storage

The Glance cookbook used for Rackspace Private Cloud supports OpenStack Image storage in the local file system, in OpenStack Object Storage (Swift), and in Rackspace Cloud Files.

Note: If you change the image storage location from Swift to Cloud Files (or vice versa), you must manually export and import the images.

Local File Storage

By default, OpenStack Image stores the image files locally on the controller node, and as long as you're using local file storage, you will not have to make any changes to your configuration. In the event that you need to switch from a different storage method to the local file system, follow these steps.

1. Log into the controller node and use sudo -i to switch to root access.

2. Define your text editor:

    $ export EDITOR=vi

3. Use knife to open the environment file for editing.

    $ knife environment edit rpcs

4. Add the following attributes to the environment.

    "glance": {
        "api": {
            "default_store": "file"
        },
        "images": [
            "cirros"
        ],
        "image_upload": true
    }

5. Run chef-client to commit the change.

    $ chef-client

Rackspace Cloud Files

To use Rackspace Cloud Files for image storage, you must have an account. To sign up, visit the Rackspace Cloud Files web site.

1. Log into the controller node and use sudo -i to switch to root access.

2. Use the following command to obtain your Cloud Files tenant ID.

    $ curl -s -X POST https://identity.api.rackspacecloud.com/v2.0/tokens \
        -d '{"auth": {"passwordCredentials": {"username": "cloud_files_username", "password": "cloud_files_password"}}}' \
        -H "Content-type: application/json" | python -mjson.tool | \
        grep "tenantId.*Mosso" | head -1

   The output of this command will display on the screen. Copy and save the tenant ID.

3. Define your text editor:

    $ export EDITOR=vi

4. Use knife to open the environment file for editing.

    $ knife environment edit rpcs

5. Add the following attributes to the environment, using the tenant ID that you obtained in Step 2 and your Cloud Files username and password.

    "glance": {
        "api": {
            "default_store": "swift",
            "swift_store_user": "cloud_files_tenant_ID:cloud_files_username",
            "swift_store_key": "cloud_files_password",
            "swift_store_auth_version": "2",
            "swift_store_auth_address": "https://identity.api.rackspacecloud.com/v2.0"
        },
        "images": [
            "cirros"
        ],
        "image_upload": true
    },

6. Run chef-client to commit the change.

    $ chef-client

Swift Storage

To use Swift storage, you must have a Swift cluster configured in your environment. Refer to Rackspace Private Cloud OpenStack Object Storage Installation for the process of creating and configuring a Swift cluster.

1. Log into the controller node and use sudo -i to switch to root access.

2. Define your text editor:

    $ export EDITOR=vi

3. Use knife to open the environment file for editing.

    $ knife environment edit rpcs

4. Add the following attributes to the environment.

    "glance": {
        "api": {
            "default_store": "swift"
        },
        "images": [
            "cirros"
        ],
        "image_upload": true
    }

5. Run chef-client to commit the change.

    $ chef-client

9. Glossary of Terms

Cinder
    Project name for OpenStack Block Storage, which supersedes nova-volume.

Compute
    OpenStack Compute is a compute service that provides server capacity in the cloud. Compute Servers come in different flavors of memory, disk space, and CPU, and can be provisioned in minutes. Interactions with Compute Servers can occur programmatically via the OpenStack Compute API or the Dashboard.

Flavor
    A flavor is an available hardware configuration for a server. Each flavor has a unique combination of disk space, memory capacity and priority for CPU time.

Floating IP address
    A floating IP address is an IP address (typically public) that can be dynamically assigned to an instance. This address enables network address translation (NAT) and allows an instance to be accessed from outside the nova fixed network.

Glance
    Project name for the Image Service software, which is the main image repository piece of OpenStack. It is the place where you upload your images and the place from which they are consumed by the rest of the OpenStack system.

Image
    Images are your templates for creating new virtual machines. The project under OpenStack that stores the available images is called Glance.

Keypairs
    These are simple SSH keys and are your credentials for accessing any running instances. Keypairs are added and managed using the Keypairs section of the user dashboard.

Keystone
    Project name for the Identity service software, which offers an integrated identity management system for OpenStack. It initially uses token-based authentication, but will eventually support plug-in modules for identity storage (LDAP, DB, file, PAM, Active Directory, etc.) and protocols (SAML, OAUTH, OpenID, etc.).

MySQL
    Datastore that stores build-time and run-time state for a cloud infrastructure.

Nova
    Project name for the Compute service that provisions and manages large networks of virtual machines, creating a redundant and scalable cloud computing platform.

Quantum
    Project name for the Network service, which provides a network connectivity abstraction layer to OpenStack Compute.

Rabbit MQ
    Provides robust messaging for applications. It is completely open source and based on open standard protocols.

Security Groups
    Security groups at this time exist mostly as tags for the servers and can be consumed through the meta-data API with a simple curl command. Security groups can be specified as part of the "personality" of an instance.

Server
    A server is a virtual machine instance in the compute system. Flavor and image are requisite elements when creating a server.

Swift
    Project name for the Object Storage service software, which provides consistent and redundant storage and retrieval of fixed digital content.
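
Added example (not part of the Rackspace guide): the confirmation step in "Managing floating IP addresses with the command line" can be scripted by parsing the nova floating-ip-list table, which also shows which allocated addresses make an instance reachable from outside the nova fixed network. The function names are hypothetical, and the sample table is constructed from the output shown in this guide, with a second, unassociated row (displayed as None) added as an assumption.

```shell
#!/bin/sh
# Constructed sample in the layout of the `nova floating-ip-list` output above.
# The 203.0.113.1 row (allocated, not associated) is an assumed illustration.
sample_floating_ip_list() {
cat <<'EOF'
+-------------+--------------------------------------+-----------+------+
| Ip          | Instance Id                          | Fixed Ip  | Pool |
+-------------+--------------------------------------+-----------+------+
| 203.0.113.0 | 542235df-8ba4-4d08-90c9-b79f5a77c04f | 192.0.2.0 | nova |
| 203.0.113.1 | None                                 | None      | nova |
+-------------+--------------------------------------+-----------+------+
EOF
}

# Read the table on stdin; print one tab-separated row per floating IP:
# ip, instance id, fixed ip, pool. Border and header lines are skipped.
floating_ip_rows() {
    awk -F'|' '
        /^[+]/ { next }
        NF < 6 { next }
        {
            for (i = 2; i <= 5; i++) gsub(/^[ \t]+|[ \t]+$/, "", $i)
            if ($2 == "Ip") next
            printf "%s\t%s\t%s\t%s\n", $2, $3, $4, $5
        }'
}

# Print the instance ID a floating IP is associated with.
# Returns non-zero if the IP is absent from the table or not associated.
instance_for_ip() {
    floating_ip_rows | awk -F'\t' -v ip="$1" '
        $1 == ip && $2 != "" && $2 != "None" { print $2; found = 1 }
        END { exit found ? 0 : 1 }'
}

# Print floating IPs that are reserved for the project but attached to nothing.
unassociated_ips() {
    floating_ip_rows | awk -F'\t' '$2 == "" || $2 == "None" { print $1 }'
}

# Print "ip<TAB>instance id" for every address that exposes an instance.
exposed_instances() {
    floating_ip_rows | awk -F'\t' '$2 != "" && $2 != "None" { print $1 "\t" $2 }'
}

# With the real client: nova floating-ip-list | exposed_instances
```

Each instance listed by exposed_instances is reachable on its floating IP, so its security group rules are the ones to review first.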