Skip to content

Instantly share code, notes, and snippets.

@zhanghui9700

zhanghui9700/havana-install.sh

Last active August 29, 2015 13:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save zhanghui9700/10082160 to your computer and use it in GitHub Desktop.
Save zhanghui9700/10082160 to your computer and use it in GitHub Desktop.
Download ZIP
openstack havana install by manual
Raw
havana-install.sh
== Initial ==
On controller node (192.168.122.163):
$ yum install openstack-keystone openstack-utils dnsmasq-utils -y
$ yum install openstack-glance openstack-cinder openstack-neutron \
openstack-neutron-openvswitch -y
$ yum install openstack-nova -y
On compute (192.168.122.100):
$ yum install openstack-neutron openstack-neutron-openvswitch \
openstack-nova bridge-utils -y
For iptables (on both Controller & Compute nodes):
$ systemctl stop firewalld
$ systemctl disable firewalld
$ yum install iptables-services
# Create this below file, otherwise starting iptables will fail
$ touch /etc/sysconfig/iptables
$ systemctl enable iptables && systemctl start iptables
== Controller ==
Keystone
---------
$ openstack-db --init --service keystone
$ export SERVICE_TOKEN=$(openssl rand -hex 10)
$ echo $SERVICE_TOKEN
38b5a7143cdfd7063f42
$ export SERVICE_ENDPOINT=http://192.168.122.163:35357/v2.0
$ echo $SERVICE_TOKEN > /tmp/ks_admin_token
$ openstack-config --set /etc/keystone/keystone.conf \
DEFAULT admin_token $SERVICE_TOKEN
$ keystone-manage pki_setup --keystone-user keystone \
--keystone-group keystone
$ chown -R keystone:keystone /etc/keystone/ssl
$ for i in start enable status; \
do systemctl $i openstack-keystone; done
$ keystone service-create --name keystone --type identity \
--description "Keystone Identity Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Keystone Identity Service |
| id | b608338394c8443f88d1bf22bd2029de |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
$ keystone endpoint-create --service_id b608338394c8443f88d1bf22bd2029de \
--publicurl 'http://192.168.122.163:5000/v2.0' \
--adminurl 'http://192.168.122.163:35357/v2.0' \
--internalurl 'http://192.168.122.163:5000/v2.0'
+-------------+-----------------------------------+
| Property | Value |
+-------------+-----------------------------------+
| adminurl | http://192.168.122.163:35357/v2.0 |
| id | b6ec04d22c4e4dca867d9f0eb5908fca |
| internalurl | http://192.168.122.163:5000/v2.0 |
| publicurl | http://192.168.122.163:5000/v2.0 |
| region | regionOne |
| service_id | b608338394c8443f88d1bf22bd2029de |
+-------------+-----------------------------------+
$ keystone user-create --name admin --pass fedora
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 076818c611d443238bc6ca45ad0021ac |
| name | admin |
+----------+----------------------------------+
$ keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 90950360ac844ff598b9a75e269afbe1 |
| name | admin |
+----------+----------------------------------+
$ keystone tenant-create --name admin
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 1580cadb173c475eb9c381e78f13b109 |
| name | admin |
+-------------+----------------------------------+
$ keystone user-role-add --user admin \
--role admin --tenant admin
$ cat >> ~/keystonerc_admin <<EOF
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_PASSWORD=fedora
export OS_AUTH_URL=http://192.168.122.163:35357/v2.0/
export PS1='[\u@\h \W(keystone_admin)]\$ '
EOF
$ . keystonerc_admin
$ keystone user-create --name kashyap --pass fedora
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 1c18b2231aa34dbe9c31cd390aaedb42 |
| name | kashyap |
+----------+----------------------------------+
$ keystone role-create --name user
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 6fac6b1cd0c24ba0a949d12acc757311 |
| name | user |
+----------+----------------------------------+
$ keystone tenant-create --name ostenant
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 2c845a6ad20e45ccb0b045cee27a9661 |
| name | ostenant |
+-------------+----------------------------------+
$ keystone user-role-add --user kashyap \
--role user --tenant ostenant
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
$ cat >> ~/keystonerc_kashyap <<EOF
export OS_USERNAME=kashyap
export OS_TENANT_NAME=ostenant
export OS_PASSWORD=fedora
export OS_AUTH_URL=http://192.168.122.163:35357/v2.0/
export PS1='[\u@\h \W(keystone_kashyap)]\$ '
EOF
# Logout and ssh into the controller node again
$ . keystonerc_kashyap
$ keystone user-list
$ . keystonerc_admin
$ keystone user-list
# Disable qpid authentication
$ yum install qpid-cpp-server -y
$ sed -i 's/auth=.*/auth=no/g' /etc/qpidd.conf
$ grep auth /etc/qpidd.conf
auth=no
# Start and enable qpidd.service
$ for i in start enable status; \
do systemctl $i qpidd; done
Glance
------
$ openstack-db --init --service glance
$ keystone tenant-create --name services
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | a04e8158c9974f2699185994791e78c1 |
| name | services |
+-------------+----------------------------------+
$ keystone user-create --name glance --pass fedora
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | a04e8158c9974f2699185994791e78c1 |
| name | services |
+-------------+----------------------------------+
$ keystone user-role-add --user glance \
--role admin --tenant services
# Update glance-api.conf
$ openstack-config --set /etc/glance/glance-api.conf \
past
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment