OpenHPC: Configuring Deployed OpenStack OS Image
Checking answers.txt & .bashrc files
- The fresh installation should have an
answers.txtfile in/root. Ensure the contents are suitable and, at least, the following lines are set appropriately:
CONFIG_NTP_SERVERS=pool.ntp.org
CONFIG_KEYSTONE_ADMIN_PW=Boston2016
CONFIG_HORIZON_SSL=y
CONFIG_PROVISION_DEMO=n
CONFIG_CONTROLLER_HOST=172.30.1.1
CONFIG_COMPUTE_HOSTS=172.30.1.1
CONFIG_NETWORK_HOSTS=172.30.1.1
CONFIG_STORAGE_HOST=172.30.1.1
CONFIG_SAHARA_HOST=172.30.1.1
CONFIG_AMQP_HOST=172.30.1.1
CONFIG_MARIADB_HOST=172.30.1.1
CONFIG_KEYSTONE_LDAP_URL=ldap://172.30.1.1
CONFIG_MONGODB_HOST=172.30.1.1
CONFIG_REDIS_MASTER_HOST=172.30.1.1- Check that the
~/.bashrcfile is correct and looks like the following:
[root@node-b ~]# cat .bashrc
# .bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
# Uncomment the following line if you don't like systemctl's auto-paging feature:
# export SYSTEMD_PAGER=
# User specific aliases and functions
export LANG=en_US.UTF-8
export LC_ALL=CRun packstack using the answers.txt file
- In principle, it should be a simple case of just running
packstackagain and pointing at theanswers.txtfile:
[root@server2-a ~]# packstack --answer-file /root/answers.txt
Welcome to Installer setup utility
Installing:
Clean Up [ DONE ]
Setting up ssh keys [ DONE ]
Discovering hosts' details [ DONE ]
Adding pre install manifest entries [ DONE ]
Installing time synchronization via NTP [ DONE ]
Preparing servers [ DONE ]
Adding AMQP manifest entries [ DONE ]
Adding MySQL manifest entries [ DONE ]
Adding Keystone manifest entries [ DONE ]
Adding Glance Keystone manifest entries [ DONE ]
Adding Glance manifest entries [ DONE ]
Adding Cinder Keystone manifest entries [ DONE ]
Adding Cinder manifest entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Adding Nova API manifest entries [ DONE ]
Adding Nova Keystone manifest entries [ DONE ]
Adding Nova Cert manifest entries [ DONE ]
Adding Nova Conductor manifest entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Adding Nova Compute manifest entries [ DONE ]
Adding Nova Scheduler manifest entries [ DONE ]
Adding Nova VNC Proxy manifest entries [ DONE ]
Adding Openstack Network-related Nova manifest entries[ DONE ]
Adding Nova Common manifest entries [ DONE ]
Adding Neutron API manifest entries [ DONE ]
Adding Neutron Keystone manifest entries [ DONE ]
Adding Neutron L3 manifest entries [ DONE ]
Adding Neutron L2 Agent manifest entries [ DONE ]
Adding Neutron DHCP Agent manifest entries [ DONE ]
Adding Neutron LBaaS Agent manifest entries [ DONE ]
Adding Neutron Metering Agent manifest entries [ DONE ]
Adding Neutron Metadata Agent manifest entries [ DONE ]
Adding OpenStack Client manifest entries [ DONE ]
Adding Horizon manifest entries [ DONE ]
Adding Swift Keystone manifest entries [ DONE ]
Adding Swift builder manifest entries [ DONE ]
Adding Swift proxy manifest entries [ DONE ]
Adding Swift storage manifest entries [ DONE ]
Adding Swift common manifest entries [ DONE ]
Adding MongoDB manifest entries [ DONE ]
Adding Ceilometer manifest entries [ DONE ]
Adding Ceilometer Keystone manifest entries [ DONE ]
Adding Nagios server manifest entries [ DONE ]
Adding Nagios host manifest entries [ DONE ]
Adding post install manifest entries [ DONE ]
Installing Dependencies [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 172.25.2.10_prescript.pp
172.25.2.10_prescript.pp: [ DONE ]
Applying 172.25.2.10_ntpd.pp
172.25.2.10_ntpd.pp: [ DONE ]
Applying 172.25.2.10_amqp.pp
Applying 172.25.2.10_mysql.pp
172.25.2.10_amqp.pp: [ DONE ]
172.25.2.10_mysql.pp: [ DONE ]
Applying 172.25.2.10_keystone.pp
Applying 172.25.2.10_glance.pp
Applying 172.25.2.10_cinder.pp
172.25.2.10_keystone.pp: [ DONE ]
172.25.2.10_cinder.pp: [ DONE ]
172.25.2.10_glance.pp: [ DONE ]
Applying 172.25.2.10_api_nova.pp
172.25.2.10_api_nova.pp: [ DONE ]
Applying 172.25.2.10_nova.pp
172.25.2.10_nova.pp: [ DONE ]
Applying 172.25.2.10_neutron.pp
172.25.2.10_neutron.pp: [ DONE ]
Applying 172.25.2.10_neutron_fwaas.pp
Applying 172.25.2.10_osclient.pp
Applying 172.25.2.10_horizon.pp
172.25.2.10_neutron_fwaas.pp: [ DONE ]
172.25.2.10_horizon.pp: [ DONE ]
172.25.2.10_osclient.pp: [ DONE ]
Applying 172.25.2.10_ring_swift.pp
172.25.2.10_ring_swift.pp: [ DONE ]
Applying 172.25.2.10_swift.pp
172.25.2.10_swift.pp: [ DONE ]
Applying 172.25.2.10_mongodb.pp
172.25.2.10_mongodb.pp: [ DONE ]
Applying 172.25.2.10_ceilometer.pp
Applying 172.25.2.10_nagios.pp
Applying 172.25.2.10_nagios_nrpe.pp
172.25.2.10_ceilometer.pp: [ DONE ]
172.25.2.10_nagios_nrpe.pp: [ DONE ]
172.25.2.10_nagios.pp: [ DONE ]
Applying 172.25.2.10_postscript.pp
172.25.2.10_postscript.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Did not create a cinder volume group, one already existed
* File /root/keystonerc_admin has been created on OpenStack client host 172.25.2.10. To use the command line tools you need to source the file.
* NOTE : A certificate was generated to be used for ssl, You should change the ssl certificate configured in /etc/httpd/conf.d/ssl.conf on 172.25.2.10 to use a CA signed cert.
* To access the OpenStack Dashboard browse to https://172.25.2.10/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* To use Nagios, browse to http://172.25.2.10/nagios username: nagiosadmin, password: 135225bb92224f28
* Because of the kernel update the host 172.25.2.10 requires reboot.
* The installation log file is available at: /var/tmp/packstack/20150427-115355-Wkd3e1/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20150427-115355-Wkd3e1/manifestsResolving errors
- In practice, a few errors popped up...
Issues with chrony
- The following popped up:
[root@node-b ~]# yum install sudo
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.clouvider.net
* epel: mirrors.ukfast.co.uk
* extras: mirror.simwood.com
* updates: centos.serverspace.co.uk
Resolving Dependencies
--> Running transaction check
---> Package sudo.x86_64 0:1.8.6p7-16.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================================
Installing:
sudo x86_64 1.8.6p7-16.el7 base 732 k
Transaction Summary
==========================================================================================================================================
Install 1 Package
Total download size: 732 k
Installed size: 2.4 M
Is this ok [y/d/N]: y
Downloading packages:
sudo-1.8.6p7-16.el7.x86_64.rpm | 732 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : sudo-1.8.6p7-16.el7.x86_64 1/1
Verifying : sudo-1.8.6p7-16.el7.x86_64 1/1
Installed:
sudo.x86_64 0:1.8.6p7-16.el7
Complete!
[root@node-b ~]# ls -alh `which sudo `
---s--x--x 1 root root 128K Nov 20 15:16 /usr/bin/sudo
[root@node-b ~]# clear
[root@node-b ~]# screen
Directory '/var/run/screen' must have mode 777.
[root@node-b ~]# chmod 777 /var/run/screen/
[root@node-b ~]# screen
[detached from 29892.pts-0.node-b]
[root@node-b ~]# /usr/bin/systemctl start chronyd
Job for chronyd.service failed because the control process exited with error code. See "systemctl status chronyd.service" and "journalctl -xe" for details.
[root@node-b ~]# /usr/bin/systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2016-03-10 06:24:36 EST; 7s ago
Process: 3879 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=1/FAILURE)
Mar 10 06:24:36 node-b.vscaler.local systemd[1]: Starting NTP client/server...
Mar 10 06:24:36 node-b.vscaler.local chronyd[3881]: chronyd version 2.1.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +DEBUG ...CHASH)
Mar 10 06:24:36 node-b.vscaler.local chronyd[3879]: getpwnam(chrony) failed
Mar 10 06:24:36 node-b.vscaler.local systemd[1]: chronyd.service: control process exited, code=exited status=1
Mar 10 06:24:36 node-b.vscaler.local systemd[1]: Failed to start NTP client/server.
Mar 10 06:24:36 node-b.vscaler.local systemd[1]: Unit chronyd.service entered failed state.
Mar 10 06:24:36 node-b.vscaler.local systemd[1]: chronyd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
[root@node-b ~]# yum reinstall chrony
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.clouvider.net
* extras: mirror.simwood.com
* updates: centos.serverspace.co.uk
Resolving Dependencies
--> Running transaction check
---> Package chrony.x86_64 0:2.1.1-1.el7.centos will be reinstalled
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================================
Reinstalling:
chrony x86_64 2.1.1-1.el7.centos base 280 k
Transaction Summary
==========================================================================================================================================
Reinstall 1 Package
Total download size: 280 k
Installed size: 468 k
Is this ok [y/d/N]: y
Downloading packages:
chrony-2.1.1-1.el7.centos.x86_64.rpm | 280 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : chrony-2.1.1-1.el7.centos.x86_64 1/1
Verifying : chrony-2.1.1-1.el7.centos.x86_64 1/1
Installed:
chrony.x86_64 0:2.1.1-1.el7.centos
Complete!
[root@node-b ~]# /usr/bin/systemctl start chronyd
Warning: chronyd.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@node-b ~]# /usr/bin/systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2016-03-10 06:26:17 EST; 11s ago
Process: 3937 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 3933 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 3935 (chronyd)
CGroup: /system.slice/chronyd.service
└─3935 /usr/sbin/chronyd
Mar 10 06:26:17 node-b.vscaler.local systemd[1]: Starting NTP client/server...
Mar 10 06:26:17 node-b.vscaler.local chronyd[3935]: chronyd version 2.1.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +DEBUG ...CHASH)
Mar 10 06:26:17 node-b.vscaler.local systemd[1]: Started NTP client/server.
Warning: chronyd.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Hint: Some lines were ellipsized, use -l to show in full.
[root@node-b ~]# systemctl daemon-reload
[root@node-b ~]# screen -r
Adding Nova Common manifest entries [ DONE ]
Adding Neutron FWaaS Agent manifest entries [ DONE ]
Adding Neutron LBaaS Agent manifest entries [ DONE ]
Adding Neutron API manifest entries [ DONE ]
Adding Neutron Keystone manifest entries [ DONE ]
Adding Neutron L3 manifest entries [ DONE ]
Adding Neutron L2 Agent manifest entries [ DONE ]
Adding Neutron DHCP Agent manifest entries [ DONE ]
Adding Neutron Metering Agent manifest entries [ DONE ]
Adding Neutron Metadata Agent manifest entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Adding OpenStack Client manifest entries [ DONE ]
Adding Horizon manifest entries [ DONE ]
Adding Swift Keystone manifest entries [ DONE ]
Adding Swift builder manifest entries [ DONE ]
Adding Swift proxy manifest entries [ DONE ]
Adding Swift storage manifest entries [ DONE ]
Adding Swift common manifest entries [ DONE ]
Adding MongoDB manifest entries [ DONE ]
Adding Redis manifest entries [ DONE ]
Adding Ceilometer manifest entries [ DONE ]
Adding Ceilometer Keystone manifest entries [ DONE ]
Adding Nagios server manifest entries [ DONE ]
Adding Nagios host manifest entries [ DONE ]
Adding post install manifest entries [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 172.30.1.1_prescript.pp
172.30.1.1_prescript.pp: [ DONE ]
Applying 172.30.1.1_chrony.pp
172.30.1.1_chrony.pp: [ ERROR ]
Applying Puppet manifests [ ERROR ]
ERROR : Error appeared during Puppet run: 172.30.1.1_chrony.pp
Error: Could not start Service[chronyd]: Execution of '/usr/bin/systemctl start chronyd' returned 1: Job for chronyd.service failed because the control process exited with error code. See "systemctl status chronyd.service" and "journalctl -xe" for details.
You will find full trace in log /var/tmp/packstack/20160310-062327-GQhViH/manifests/172.30.1.1_chrony.pp.log
Please check log file /var/tmp/packstack/20160310-062327-GQhViH/openstack-setup.log for more information- This appears to be related to occur if the standard NTP service is installed (it was in my original OS Image but I have since removed it). I did the following:
[root@node-b ~]# yum remove ntp
[root@node-b ~]# yum -y reinstall crony
[root@node-b ~]# /usr/bin/systemctl start chronyd
Warning: chronyd.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@node-b ~]# systemctl daemon-reloadIssues with sudo
- It seems that the image created by OpenHPC has some potentially incorrect permissions set with the
sudocommand. - We found it necessary to remove and reinstall sudo
# Remove
root@node-b ~]# rpm -e --force sudo
root@node-b ~]# rpm -e --nodeps sudo
# Reinstall
root@node-b ~]# yum install sudo
# Note a sticky bit is now defined
root@node-b ~]# ls -alh `which sudo `
---s--x--x 1 root root 128K Nov 20 20:16 /usr/bin/sudoIssues connecting to mongodb
- One site suggests this is a known bug with OpenStack and Centos 7.x and they suggest:
cd /etc
rm -f mongodb.conf
touch -f mongod.conf
ln -s /etc/mongod.conf mongodb.conf- In practice, this didn't resolve our issue. We found that the
mongodbserver could only be contacted on 127.0.0.1 and not in its standard IP. To resolve this, we edited the/etc/mongodb.conffile and set thebind_ipto0.0.0.0:
[root@node-b ~]# cat /etc/mongodb.conf
# mongo.conf - generated from Puppet
#where to log
logpath=/var/log/mongodb/mongodb.log
logappend=true
# Set this option to configure the mongod or mongos process to bind to and
# listen for connections from applications on this address.
# You may concatenate a list of comma separated values to bind mongod to multiple IP addresses.
bind_ip = 0.0.0.0
# fork and run in background
fork=true
dbpath=/var/lib/mongodb
# location of pidfile
pidfilepath=/var/run/mongodb/mongod.pid
# Enables journaling
journal = true
# Turn on/off security. Off is currently the default
noauth=true
# Use a smaller default data file size.
smallfiles = true- After this, restart the mongod.service
- Following a successful
packstackinstallation, it seems thebind_ipmay get set back to the correct IP as defined in theanswers.txtfile.
Amend local networking configuration (attach eth0 to Open Vswitch external bridge for 2 interface systems)
NB: OpenStack guidelines suggest systems should have 3 interfaces: Management, External & Interconnect
The External interface is accessed via a bridge - br-ex
If the system has only 2 interfaces, the Management interface can share the same bridge.
- Copy network config files
[root@node-b ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/
[root@node-b-a ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br-ex- Edit
eth0config file:
DEVICE=eth0
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex- Edit the new
br-exconfig file:
DEVICE=br-ex
BOOTPROTO=static
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=172.30.1.1
NETMASK=255.255.0.0
GATEWAY=172.30.0.1
DNS1=8.8.8.8- Add
eth0tobr-exbridge and set hostname:
[root@node-b ~]# ovs-vsctl add-port br-ex eth0 ; systemctl restart network.service
[root@node-b ~]# hostnamectl set-hostname node-b.vscaler.localNB: ovs-vsctl add-port br-ex eth0 is apparently not vital
- Set hostname:
[root@node-b ~]# hostnamectl set-hostname node-b.vscaler.localNB: This assigns a static hostname rather than that transient hostname.
- Restart networking:
systemctl restart network.service