Before you begin
Before you can install OpenStack, some work must be done to prepare the system for a successful installation.
Permissions
OpenStack services can be installed either as root or as a user with sudo permissions. The latter may require that the user be added to the sudoers file on each host. For tips on configuring sudoers, please visit the following URL:
http://wiki.centos.org/TipsAndTricks/BecomingRoot
For this installation, all commands should be run as root unless specified otherwise.
Configuring the OpenStack repository
Installation of OpenStack on CentOS uses packages from the RedHat RDO repository. To enable the RDO repository, download and install the rdo-release-havana package on all hosts:
# rpm -ivh http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-8.noarch.rpm
The EPEL package includes GPG keys to aid in signing packages and repository information and should be installed on all hosts:
# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Installing OpenStack utilities
The crudini utility is used throughout this book to make the configuration of various services easier and consistent. Crudini overwrites or adds individual configuration settings without overwriting the entire file. The following command installs crudini and another useful OpenStack configuration package, openstack-utils:
# yum -y install crudini openstack-utils
Setting the hostnames
Before installing OpenStack, be sure that each node in the environment has been configured with its proper hostname. Using a text editor, change the HOSTNAME value in the /etc/sysconfig/network file on each host:
- Controller node:
HOSTNAME=controller.learningneutron.com - Compute node:
HOSTNAME=compute01.learningneutron.com
To simplify communication between hosts, it is recommended that DNS or a local name resolver be used to resolve hostnames. Using a text editor, update the /etc/hosts file on each node to include the management IP address and hostname of all nodes:
10.254.254.100 controller.learningneutron.com controller 10.254.254.101 compute01.learningneutron.com compute01
Disabling SELinux
To avoid issues with communication among services, it is advised that the SELinux security policy be disabled on all nodes for the duration of this installation and subsequent test use.
SELinux can be set to one of the following three states:
enforcing: SELinux security policy is enforcedpermissive: SELinux prints warnings instead of enforcingdisabled: No SELinux policy is loaded
To disable SELinux, edit the /etc/selinux/config file, and change the SELINUX value to disabled. For your convenience, the following command will make the appropriate change:
# sed -i "/SELINUX=enforcing/c\SELINUX=disabled" /etc/selinux/config
Removing iptables rules
CentOS ships with rather restrictive iptables rules by default. Edit the iptables firewall service to allow all incoming traffic with the following commands:
# iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited # iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited # service iptables save
Tip
The rule changes are meant to reduce possible issues with this installation guide and are not meant for production use. Consult the OpenStack security guide at http://docs.openstack.org/sec/ for more information on securing an OpenStack environment.
Installing and configuring Network Time Protocol
A time synchronization program, such as NTP, is a requirement, as OpenStack services depend on consistent and synchronized time between hosts. For Nova (Compute), having synchronized time helps to avoid problems when scheduling VM launches on compute nodes. Other services can experience similar issues when the time is not synchronized.
To install NTP, issue the following commands on all nodes in the environment:
# yum -y install ntp # service ntpd start
Unlike Ubuntu, the RHEL and CentOS operating systems do not automatically start services upon installation. To configure NTP to start at boot, use the chkconfig command as follows:
# chkconfig ntpd on
Additional services will be configured to start in a similar manner throughout this book.
Upgrading the system
Before installing OpenStack, it is imperative that the kernel and other system packages on each node be upgraded to the latest version supported by CentOS 6.5. Issue the following yum command on each node, followed by a reboot to allow the changes to take effect:
# yum -y upgrade # reboot