Tuesday, November 12, 2013
Now that you have Rackspace Private Cloud installed, it is time to spin up your first OpenStack Instance, but there are several things you should do beforehand so you can fully utilize your OpenStack Instance.
In addition, the following steps assume you have arrived at this post from one of the following posts:
You can access the Horizon Dashboard by opening a web browser and browsing to http://192.168.236.20. Log in with Username admin and Password secrete.
The Horizon Dashboard is fairly intuitive and most of the remaining steps can be performed through it, but since the true power of OpenStack is through the command line tools and its API, the remaining steps will use the command line tools.
Start by logging back into your controller1 node:
vagrant ssh controller1
Log in as the root user and stay logged in as root throughout this post (the root password is vagrant):
In root’s home directory is an openrc file which contains the necessary credentials to use the OpenStack APIs. Source this file into your environment:
A base Rackspace Private Cloud install does not include any OpenStack images and without any images you will not be able to boot any OpenStack Instances. There are many pre-built OpenStack images available from all of the major Linux distributions.
In this post you will be uploading the Ubuntu Server 12.04 LTS cloud image into the Glance Repository.
Upload the Ubuntu Server 12.04 LTS cloud image by running the following command:
glance image-create --name ubuntu-server-12.04 --is-public true --container-format bare --disk-format qcow2 --copy-from http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img
You can monitor the upload progress by running
glance image-list from the controller1 node.
Each OpenStack Instance you spin up is assigned to the default Nova Security Group, which essentially contains iptables rules. An OpenStack Instance can be assigned to as many Nova Security Groups as needed, but for now you will focus on the default Nova Security Group.
By default there are no rules in the default Nova Security Group. You will need to allow ICMP traffic to test network connectivity and SSH traffic to log into your OpenStack Instance.
Create rules to allow ICMP and SSH traffic with the following commands:
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
At the end of this post, you will be creating an OpenStack Instance from the ubuntu-server-12.04 image you uploaded into Glance. Because the compute1 node has a finite amount of CPU and RAM available, I typically use the m1.tiny flavor, but the ubuntu-server-12.04 will not boot with this flavor because the root disk size is too small. So, you will create a new similar flavor that contains enough root disk space.
Create a new flavor called m1.custom with an ID of auto, 512 MB of RAM, 5 GB of root disk space, and 1 vCPU with the following command:
nova flavor-create m1.custom auto 512 5 1
The OpenStack Instances you spin up will be given IP addresses in the 192.168.205.0/24 network which is a private network on your compute1 node. You will not be able to communicate with any OpenStack Instances in this network from your workstation. However, you can communicate with the 192.168.236.0/24 network from your workstation. So, you are going to use 16 contiguous IP addresses from this network and create a floating IP pool. Once this floating IP pool is created, you can assign your OpenStack Instances a floating IP address so you can communicate with them from your workstation.
From the controller1 node, create a floating IP pool with the following command:
nova-manage floating create 192.168.236.64/28 public
You now have a floating IP pool called public. There are 14 useable IP addresses that can be assigned to any OpenStack Instances you spin up.
To allocate floating IP addresses from the public floating IP pool, run
nova floating-ip-create public. This command is a bit odd in that if you need three floating IP addresses, you would run the command three times. If you need another floating IP address, you would run the command again. To see all of the allocated floating IP addresses, run
Most OpenStack cloud images have password-based log in turned off. This is partly a security measure so there are not OpenStack cloud images created and left running with default passwords. So, to log in to an OpenStack Instance you will need to create an SSH keypair.
If you already have an SSH keypair created, you can skip this paragraph. On your workstation, open your terminal application and run
ssh-keygen. You can accept all of the default settings. I would recommend setting a password on your SSH private key, but for now create it without a password.
On your workstation, in your home directory, you should now have a .ssh directory and inside that directory will be two files: id_rsa and id_rsa.pub. id_rsa is the SSH private key and should only exist on your workstation. id_rsa.pub is the SSH public key and can be copied to any server you want to access. Open id_rsa.pub in a text editor and copy all of its contents to your clipboard.
On the controller1 node, use vim, nano, or another command line text editor to create a file, copy the contents from your clipboard into the file, and save the file as workstation.pub.
Then, from the controller1 node, upload the SSH public key to the nova keypair database by running the following command:
nova keypair-add --pub_key workstation.pub workstation
With this SSH public key in the nova keypair database, you can assign it to OpenStack Instances upon creation so you can log in via SSH.
You are now ready to spin up your first OpenStack Instance.
On the controller1 node, create the OpenStack Instance by running the following command:
nova boot test1 --image ubuntu-server-12.04 --flavor m1.custom --key-name workstation
Because you are using software virtualization, it may take a couple of minutes for the OpenStack Instance to be created. You can monitor the progress by running
nova console-log test from the controller1 node.
Lastly, you are going to assign a floating IP address to your OpenStack Instance so you can communicate with it from your workstation. If you don’t assign a floating IP address to your OpenStack Instance, you can only communicate with it from the compute1 node.
On the controller1 node, run
nova add-floating-ip test1 192.168.236.65. This will assign the 192.168.236.65 floating IP address to the test1 OpenStack Instance.
After a couple of seconds, the floating IP address will be assigned.
With your OpenStack Instance booted and a floating IP address assigned to it, you should be able to open the terminal application on your workstation and ping or SSH into your OpenStack Instance at IP address 192.168.236.65.
Log in via SSH as user ubuntu.