busterswt
diff --git a/‎CH2_Controller_Icehouse.txt
Lines changed: 211 additions & 0 deletions b/‎CH2_Controller_Icehouse.txt
Lines changed: 211 additions & 0 deletions
@@ -0,0 +1,211 @@
+# Title: CH2_Controller_Icehouse.txt
+# Purpose: 
+# Modified installation for Icehouse on CentOS 6.6. 
+# It is meant to replace the documented installation process in Chapter 2 for controller nodes only.
+# NOTE: Do not run commands that are commented out. 
+
+
+## Configure the repos
+rpm -ivh https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/rdo-release-icehouse-4.noarch.rpm
+rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
+
+# Install crudini
+yum -y install crudini openstack-utils
+
+# Set the hostname
+sed -i "/HOSTNAME/c\HOSTNAME=controller.learningneutron.com" /etc/sysconfig/network
+
+# Add DNS entries
+echo 10.254.254.100 controller.learningneutron.com controller >> /etc/hosts
+echo 10.254.254.101 compute01.learningneutron.com compute01 >> /etc/hosts
+
+# Disable SELinux
+sed -i "/SELINUX=enforcing/c\SELINUX=disabled" /etc/selinux/config
+
+# Remove iptables
+iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
+iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited
+service iptables save
+
+# Install NTP
+yum -y install ntp
+service ntpd start
+chkconfig ntpd on
+
+# Upgrade and reboot
+yum -y upgrade
+reboot
+
+# Install MySQL Server
+yum -y install mysql mysql-server MySQL-python
+crudini --set /etc/my.cnf mysqld bind-address 10.254.254.100
+service mysqld start
+chkconfig mysqld on
+
+# Configure MySQL Server
+/usr/bin/mysql_secure_installation
+
+# Install Qpid
+yum -y install qpid-cpp-server memcached
+sed -i "/^auth/s/auth=yes/auth=no/" /etc/qpidd.conf
+service qpidd start
+chkconfig qpidd on
+
+# Install Keystone
+yum -y install openstack-keystone python-keystoneclient
+crudini --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@controller/keystone
+openstack-db --init --service keystone --password keystone
+
+ADMIN_TOKEN=$(openssl rand -hex 10)
+crudini --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
+keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
+chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
+crudini --set /etc/keystone/keystone.conf token provider keystone.token.providers.pki.Provider
+service openstack-keystone start
+chkconfig openstack-keystone on
+
+# Configure Keystone
+export OS_SERVICE_TOKEN=$ADMIN_TOKEN
+export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
+keystone tenant-create --name=admin --description="Admin Tenant"
+keystone tenant-create --name=service --description="Service Tenant"
+keystone user-create --name=admin --pass=secrete [email protected]
+keystone role-create --name=admin
+keystone user-role-add --user=admin --tenant=admin --role=admin
+keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
+
+keystone endpoint-create \
+  --service-id=`keystone service-get keystone | awk '/ id / { print $4 }'` \
+  --publicurl=http://controller:5000/v2.0 \
+  --internalurl=http://controller:5000/v2.0 \
+  --adminurl=http://controller:35357/v2.0
+
+unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
+keystone --os-username=admin --os-password=secrete --os-auth-url=http://controller:35357/v2.0 token-get
+keystone --os-username=admin --os-password=secrete --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get
+
+# Configure environment vars
+mkdir ~/credentials
+cat >> ~/credentials/admin <<EOF
+export OS_USERNAME=admin 
+export OS_PASSWORD=secrete
+export OS_TENANT_NAME=admin 
+export OS_AUTH_URL=http://controller:35357/v2.0
+EOF
+source ~/credentials/admin
+keystone token-get
+keystone user-list
+
+# Install Glance
+yum -y install openstack-glance
+openstack-db --init --service glance --password glance
+
+crudini --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@controller/glance
+crudini --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@controller/glance
+keystone user-create --name=glance --pass=glance [email protected]
+keystone user-role-add --user=glance --tenant=service --role=admin
+crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_host controller
+crudini --set /etc/glance/glance-api.conf  keystone_authtoken admin_user glance
+crudini --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service
+crudini --set /etc/glance/glance-api.conf keystone_authtoken admin_password glance
+crudini --set /etc/glance/glance-registry.conf keystone_authtoken auth_host controller
+crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
+crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service
+crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_password glance
+cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
+cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
+crudini --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host controller
+crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance
+crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service
+crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password glance
+crudini --set /etc/glance/glance-api-paste.ini filter:authtoken flavor keystone
+crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host controller
+crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
+crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service
+crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password glance
+crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken flavor keystone
+
+service openstack-glance-api start
+service openstack-glance-registry start
+chkconfig openstack-glance-api on
+chkconfig openstack-glance-registry on
+
+keystone service-create --name=glance --type=image --description="Glance Image Service"
+
+keystone endpoint-create \
+  --service-id=`keystone service-get glance | awk '/ id / { print $4 }'` \
+  --publicurl=http://controller:9292 \
+  --internalurl=http://controller:9292 \
+  --adminurl=http://controller:9292
+  
+# Verify glance
+mkdir /var/tmp/images ; cd /var/tmp/images/
+wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
+glance image-create --name=CirrOS-0.3.4 --disk-format=qcow2 --container-format=bare --is-public=true --file /var/tmp/images/cirros-0.3.4-x86_64-disk.img
+glance image-create --name=Ubuntu-14.04 --disk-format=qcow2 --container-format=bare --is-public=true --location http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
+glance image-create --name=CentOS-6 --disk-format=qcow2 --container-format=bare --is-public=true --location http://cloud.centos.org/centos/6/images/CentOS-6-x86_64-GenericCloud.qcow2
+
+# INSTALL NOVA CONTROLLER SERVICES
+yum -y install openstack-nova python-novaclient
+openstack-db --init --service nova --password nova
+
+crudini --set /etc/nova/nova.conf database connection mysql://nova:nova@controller/nova
+crudini --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
+crudini --set /etc/nova/nova.conf DEFAULT qpid_hostname controller
+crudini --set /etc/nova/nova.conf DEFAULT my_ip 10.254.254.100
+crudini --set /etc/nova/nova.conf DEFAULT vncserver_listen 10.254.254.100
+crudini --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 10.254.254.100
+keystone user-create --name=nova --pass=nova [email protected]
+keystone user-role-add --user=nova --tenant=service --role=admin
+crudini --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
+crudini --set /etc/nova/nova.conf keystone_authtoken auth_host controller
+crudini --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
+crudini --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
+crudini --set /etc/nova/nova.conf keystone_authtoken admin_user nova
+crudini --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
+crudini --set /etc/nova/nova.conf keystone_authtoken admin_password nova
+crudini --set /etc/nova/api-paste.ini filter:authtoken auth_host controller
+crudini --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357
+crudini --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http
+crudini --set /etc/nova/api-paste.ini filter:authtoken auth_uri http://controller:5000/v2.0
+crudini --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service
+crudini --set /etc/nova/api-paste.ini filter:authtoken admin_user nova
+crudini --set /etc/nova/api-paste.ini filter:authtoken admin_password nova
+crudini --set /etc/nova/nova.conf DEFAULT api_paste_config /etc/nova/api-paste.ini
+
+# Fixes a bug introduced in Icehouse
+crudini --set /etc/nova/nova.conf DEFAULT vif_plugging_is_fatal false
+crudini --set /etc/nova/nova.conf DEFAULT vif_plugging_timeout 0
+
+keystone service-create --name=nova --type=compute --description="Nova Compute service"
+
+keystone endpoint-create \
+  --service-id=`keystone service-get nova | awk '/ id / { print $4 }'` \
+  --publicurl=http://controller:8774/v2/%\(tenant_id\)s \
+  --internalurl=http://controller:8774/v2/%\(tenant_id\)s \
+  --adminurl=http://controller:8774/v2/%\(tenant_id\)s
+  
+service openstack-nova-api start
+service openstack-nova-cert start
+service openstack-nova-consoleauth start
+service openstack-nova-scheduler start
+service openstack-nova-conductor start
+service openstack-nova-novncproxy start
+service openstack-nova-console start
+chkconfig openstack-nova-api on
+chkconfig openstack-nova-cert on
+chkconfig openstack-nova-consoleauth on
+chkconfig openstack-nova-scheduler on
+chkconfig openstack-nova-conductor on
+chkconfig openstack-nova-novncproxy on
+chkconfig openstack-nova-console on
+
+# Install Horizon
+yum -y install mod_wsgi openstack-dashboard
+sed -i 's/ALLOWED_HOSTS/#ALLOWED_HOSTS/' /etc/openstack-dashboard/local_settings 
+sed -i "/OPENSTACK_HOST/c\OPENSTACK_HOST = \"controller\"" /etc/openstack-dashboard/local_settings
+sed -i -e "\$aOPENSTACK_KEYSTONE_URL = \"http://controller:5000/v2.0\"" /etc/openstack-dashboard/local_settings
+sed -i 's/Listen 80/Listen 10.254.254.100:80/' /etc/httpd/conf/httpd.conf 
+
+service httpd start
+chkconfig httpd on