Here are logs when setting up Openstack Kilo within a LXC container by using openstack-installer.
Reference
http://ronaldbradford.com/blog/deploying-ubuntu-openstack-kilo-2015-06-06/
http://openstack.astokes.org/guides/single-install
LXC host information.
root@ubuntu:~# dpkg -l lxc
ii lxc 1.0.7-0ubuntu0.9 amd64 Linux Containers userspace tools
root@ubuntu:~# dpkg -l lxc | tail -1
ii lxc 1.0.7-0ubuntu0.9 amd64 Linux Containers userspace tools
root@ubuntu:~# uname -ri
3.13.0-66-generic x86_64
root@ubuntu:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.3 LTS"
root@ubuntu:~#
|
create a container.
# lxc-create -n ubuntu-juju01 -t ubuntu
|
openstack-installer sets up Openstack environment under LXC and KVM.
So if you run openstack-installer *inside* a container, you need to enable nested LXC/KVM. ( run LXC/KVM within LXC )
Here is how to run LXC/KVM within a LXC container.
on the LXC host
root@ubuntu:~# cat /etc/lxc/default.conf
lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:xx:xx:xx
# allow nested LXC
lxc.mount.auto = cgroup
lxc.aa_profile = lxc-container-default-with-nesting
# nested KVM
lxc.cgroup.devices.allow = b 7:* rwm
lxc.cgroup.devices.allow = c 10:230 rw
lxc.cgroup.devices.allow = c 10:232 rw
|
edit “config” of this container.
This will create a /dev/net, /dev/kvm and /dev/net/tun device within LXC, which is needed to run KVM inside a container.
root@ubuntu:~# grep -v ^# /var/lib/lxc/ubuntu-juju01/rootfs/etc/rc.local
mkdir -p /dev/net || true
mknod /dev/kvm c 10 232
mknod /dev/net/tun c 10 200
exit 0
|
in the container.
ubuntu@ubuntu-juju01:~$ sudo apt-get update
ubuntu@ubuntu-juju01:~$ sudo apt-get install software-properties-common
ubuntu@ubuntu-juju01:~$ sudo apt-add-repository ppa:cloud-installer/experimental
ubuntu@ubuntu-juju01:~$ sudo apt-get update
ubuntu@ubuntu-juju01:~$ sudo apt-get install openstack
|
become a root and then install kilo.
ubuntu@ubuntu-juju01:~$ sudo su -
root@ubuntu-juju01:~# openstack-install --upstream-ppa
root@ubuntu-juju01:~#
|
select “Single”
setting up openstack..
still setting up..
still setting up...
finished!
8 containers and 3 VMs are running ( openstack kilo environment )
---------
LXC ( openstack-single-root )
----------
LXC ( ubuntu-juju01) <- I issued ‘openstack-install’ on this container.
----------
LXC host ( hostname : ubuntu )
on the LXC host ( ubuntu )
hattori@ubuntu:~$
hattori@ubuntu:~$ sudo lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
--------------------------------------------------------------------
ubuntu-cn01 STOPPED - - NO
ubuntu-cn02 STOPPED - - NO
ubuntu-juju01 RUNNING 10.0.3.126, 10.0.4.1 - NO
|
access to the ubuntu-juju01 container.
hattori@ubuntu:~$ ssh ubuntu@10.0.3.126
ubuntu@ubuntu-juju01:~$
ubuntu@ubuntu-juju01:~$ sudo su -
[sudo] password for ubuntu:
root@ubuntu-juju01:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
------------------------------------------------------------------------------------
openstack-single-root RUNNING 10.0.4.250, 10.0.6.1, 192.168.122.1 - YES
|
access to the ‘openstack-single-root’ container.
root@ubuntu-juju01:~# ssh ubuntu@10.0.4.250
Last login: Tue Nov 10 01:05:16 2015 from 10.0.4.1
ubuntu@openstack-single-root:~$ sudo su -
root@openstack-single-root:~#
|
Three VMs are running in the ‘openstack-single-root’ container.
root@openstack-single-root:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
----------------------------------
root@openstack-single-root:~# virsh list --all
Id Name State
----------------------------------------------------
2 ubuntu-local-machine-1 running
3 ubuntu-local-machine-2 running
4 ubuntu-local-machine-3 running
|
ubuntu@openstack-single-root:~$ hostname
openstack-single-root
ubuntu@openstack-single-root:~$
ubuntu@openstack-single-root:~$ whoami
ubuntu
ubuntu@openstack-single-root:~$ cat ~/.cloud-install/openstack-ubuntu-rc
export OS_USERNAME="ubuntu"
export OS_PASSWORD="ubuntu"
export OS_TENANT_NAME="ubuntu"
export OS_AUTH_URL="http://10.0.6.172:5000/v2.0"
export OS_REGION_NAME="RegionOne"
|
8 containers and 3 VMs are running within ‘openstack-single-root’ container.
ubuntu@openstack-single-root:~$ cat /var/lib/misc/dnsmasq.lxcbr0.leases
1447090436 52:54:00:06:49:6d 10.0.6.148 ubuntu-local-machine-3 *
1447091018 00:16:3e:75:70:1c 10.0.6.157 ubuntu-local-machine-1-lxc-7 *
1447090712 00:16:3e:c5:fa:08 10.0.6.123 ubuntu-local-machine-1-lxc-6 *
1447090594 00:16:3e:55:7d:e2 10.0.6.95 ubuntu-local-machine-1-lxc-5 *
1447090695 00:16:3e:3c:d6:ec 10.0.6.131 ubuntu-local-machine-1-lxc-4 *
1447090608 00:16:3e:f5:cd:d3 10.0.6.246 ubuntu-local-machine-1-lxc-3 *
1447090942 00:16:3e:33:2e:41 10.0.6.172 ubuntu-local-machine-1-lxc-2 *
1447090717 00:16:3e:0a:e0:f4 10.0.6.71 ubuntu-local-machine-1-lxc-1 *
1447091027 00:16:3e:ea:d7:26 10.0.6.253 ubuntu-local-machine-1-lxc-0 *
1447091597 52:54:00:20:fe:44 10.0.6.245 ubuntu-local-machine-1 *
1447091404 52:54:00:fa:65:ec 10.0.6.40 ubuntu-local-machine-2 *
|
ubuntu@openstack-single-root:~$ su ubuntu
Password:
ubuntu@openstack-single-root:~$ JUJU_HOME=~/.cloud-install/juju juju status
environment: local
machines:
"0":
agent-state: started
agent-version: 1.25.0.1
dns-name: localhost
instance-id: localhost
series: trusty
state-server-member-status: has-vote
"1":
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.245
instance-id: ubuntu-local-machine-1
series: trusty
containers:
1/lxc/0:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.253
instance-id: ubuntu-local-machine-1-lxc-0
series: trusty
hardware: arch=amd64
1/lxc/1:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.71
instance-id: ubuntu-local-machine-1-lxc-1
series: trusty
hardware: arch=amd64
1/lxc/2:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.172
instance-id: ubuntu-local-machine-1-lxc-2
series: trusty
hardware: arch=amd64
1/lxc/3:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.246
instance-id: ubuntu-local-machine-1-lxc-3
series: trusty
hardware: arch=amd64
1/lxc/4:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.131
instance-id: ubuntu-local-machine-1-lxc-4
series: trusty
hardware: arch=amd64
1/lxc/5:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.95
instance-id: ubuntu-local-machine-1-lxc-5
series: trusty
hardware: arch=amd64
1/lxc/6:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.123
instance-id: ubuntu-local-machine-1-lxc-6
series: trusty
hardware: arch=amd64
1/lxc/7:
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.157
instance-id: ubuntu-local-machine-1-lxc-7
series: trusty
hardware: arch=amd64
hardware: arch=amd64 cpu-cores=2 mem=6144M root-disk=20480M
"2":
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.40
instance-id: ubuntu-local-machine-2
series: trusty
hardware: arch=amd64 cpu-cores=1 mem=4096M root-disk=40960M
"3":
agent-state: started
agent-version: 1.25.0.1
dns-name: 10.0.6.148
instance-id: ubuntu-local-machine-3
series: trusty
hardware: arch=amd64 cpu-cores=1 mem=2048M root-disk=20480M
services:
glance:
charm: cs:trusty/glance-24
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:21:38+09:00
relations:
amqp:
- rabbitmq-server
cluster:
- glance
identity-service:
- keystone
image-service:
- nova-cloud-controller
- nova-compute
shared-db:
- mysql
units:
glance/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:21:38+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:56:55+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/7
open-ports:
- 9292/tcp
public-address: 10.0.6.157
glance-simplestreams-sync:
charm: cs:trusty/glance-simplestreams-sync-3
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:09:49+09:00
relations:
identity-service:
- keystone
units:
glance-simplestreams-sync/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:09:49+09:00
agent-status:
current: executing
message: running commands
since: 10 Nov 2015 01:59:38+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/6
public-address: 10.0.6.123
keystone:
charm: cs:trusty/keystone-28
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:21:11+09:00
relations:
cluster:
- keystone
identity-service:
- glance
- glance-simplestreams-sync
- neutron-api
- nova-cloud-controller
- openstack-dashboard
shared-db:
- mysql
units:
keystone/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:21:11+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:57:01+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/2
public-address: 10.0.6.172
mysql:
charm: cs:trusty/mysql-28
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 00:57:33+09:00
relations:
cluster:
- mysql
shared-db:
- glance
- keystone
- neutron-api
- neutron-gateway
- nova-cloud-controller
- nova-compute
units:
mysql/0:
workload-status:
current: unknown
since: 10 Nov 2015 00:57:33+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:58:11+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/0
public-address: 10.0.6.253
neutron-api:
charm: cs:trusty/neutron-api-17
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:19:22+09:00
relations:
amqp:
- rabbitmq-server
cluster:
- neutron-api
identity-service:
- keystone
neutron-api:
- nova-cloud-controller
neutron-plugin-api:
- neutron-gateway
- neutron-openvswitch
shared-db:
- mysql
units:
neutron-api/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:19:22+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:54:47+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/5
open-ports:
- 9696/tcp
public-address: 10.0.6.95
neutron-gateway:
charm: cs:trusty/neutron-gateway-5
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 00:50:51+09:00
relations:
amqp:
- rabbitmq-server
cluster:
- neutron-gateway
juju-info:
- ntp
neutron-plugin-api:
- neutron-api
quantum-network-service:
- nova-cloud-controller
shared-db:
- mysql
units:
neutron-gateway/0:
workload-status:
current: unknown
since: 10 Nov 2015 00:50:51+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:56:20+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: "3"
public-address: 10.0.6.148
subordinates:
ntp/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:27:39+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:58:12+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
upgrading-from: cs:trusty/ntp-11
public-address: 10.0.6.148
neutron-openvswitch:
charm: cs:trusty/neutron-openvswitch-9
exposed: false
service-status: {}
relations:
amqp:
- rabbitmq-server
neutron-plugin:
- nova-compute
neutron-plugin-api:
- neutron-api
subordinate-to:
- nova-compute
nova-cloud-controller:
charm: cs:trusty/nova-cloud-controller-60
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:26:36+09:00
relations:
amqp:
- rabbitmq-server
cloud-compute:
- nova-compute
cluster:
- nova-cloud-controller
identity-service:
- keystone
image-service:
- glance
neutron-api:
- neutron-api
quantum-network-service:
- neutron-gateway
shared-db:
- mysql
units:
nova-cloud-controller/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:26:36+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:57:33+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/3
open-ports:
- 3333/tcp
- 8773/tcp
- 8774/tcp
- 9696/tcp
public-address: 10.0.6.246
nova-compute:
charm: cs:trusty/nova-compute-26
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 00:53:12+09:00
relations:
amqp:
- rabbitmq-server
cloud-compute:
- nova-cloud-controller
compute-peer:
- nova-compute
image-service:
- glance
juju-info:
- ntp
neutron-plugin:
- neutron-openvswitch
shared-db:
- mysql
units:
nova-compute/0:
workload-status:
current: unknown
since: 10 Nov 2015 00:53:12+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:58:38+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: "2"
public-address: 10.0.6.40
subordinates:
neutron-openvswitch/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:28:04+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:58:53+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
upgrading-from: cs:trusty/neutron-openvswitch-9
public-address: 10.0.6.40
ntp/1:
workload-status:
current: unknown
since: 10 Nov 2015 01:29:47+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:55:11+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
upgrading-from: cs:trusty/ntp-11
public-address: 10.0.6.40
ntp:
charm: cs:trusty/ntp-11
exposed: false
service-status: {}
relations:
juju-info:
- neutron-gateway
- nova-compute
ntp-peers:
- ntp
subordinate-to:
- neutron-gateway
- nova-compute
openstack-dashboard:
charm: cs:trusty/openstack-dashboard-16
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:21:42+09:00
relations:
cluster:
- openstack-dashboard
identity-service:
- keystone
units:
openstack-dashboard/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:21:42+09:00
agent-status:
current: idle
since: 10 Nov 2015 01:56:50+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/4
open-ports:
- 80/tcp
- 443/tcp
public-address: 10.0.6.131
rabbitmq-server:
charm: cs:trusty/rabbitmq-server-34
exposed: false
service-status:
current: unknown
since: 10 Nov 2015 01:07:51+09:00
relations:
amqp:
- glance
- neutron-api
- neutron-gateway
- neutron-openvswitch
- nova-cloud-controller
- nova-compute
cluster:
- rabbitmq-server
units:
rabbitmq-server/0:
workload-status:
current: unknown
since: 10 Nov 2015 01:07:51+09:00
agent-status:
current: executing
message: running update-status hook
since: 10 Nov 2015 01:59:36+09:00
version: 1.25.0.1
agent-state: started
agent-version: 1.25.0.1
machine: 1/lxc/1
open-ports:
- 5672/tcp
public-address: 10.0.6.71
ubuntu@openstack-single-root:~$
|
How can I access to the dashboard(10.0.6.131) from my laptop ( 192.168.0.4)
very complicated network environment,,, many nat...
laptop 192.168.0.4 --- 192.168.0.100 | LXC host | 10.0.3.1 -- 10.0.3.126 | ubuntu-juju01(container)| 10.0.4.1 -- 10.0.4.250 -- | openstack-single-root(container) | 10.0.6.1 -- 3 VMs/ 8 containers
configure destination nat like this.
- on the LXC host
root@ubuntu:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
--------------------------------------------------------------------
ubuntu-juju01 RUNNING 10.0.3.126, 10.0.4.1 - NO
root@ubuntu:~# iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to 10.0.3.126:8080
- on the 'ubuntu-juju01' container.
root@ubuntu-juju01:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
------------------------------------------------------------------------------------
openstack-single-root RUNNING 10.0.4.250, 10.0.6.1, 192.168.122.1 - YES
root@ubuntu-juju01:~# iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to 10.0.4.250:8080
- on the 'openstack-single-root' container
root@openstack-single-root:~# iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to 10.0.6.131:443
|
access to https://192.168.0.100:8080/horizon
okay, I was able to login to the horizon.
stop
on the ‘ubuntu-juju01’ container.
root@ubuntu-juju01:~# hostname
ubuntu-juju01
root@ubuntu-juju01:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
------------------------------------------------------------------------------------
openstack-single-root RUNNING 10.0.4.250, 10.0.6.1, 192.168.122.1 - YES
root@ubuntu-juju01:~# lxc-stop -n openstack-single-root
root@ubuntu-juju01:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
-----------------------------------------------------
openstack-single-root STOPPED - - YES
|
on the LXC host.
root@ubuntu:~# hostname
ubuntu
root@ubuntu:~# lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
--------------------------------------------------------------------
ubuntu-juju01 RUNNING 10.0.3.126, 10.0.4.1 - NO
root@ubuntu:~# lxc-stop -n ubuntu-juju01
root@ubuntu:~#
|
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.