<<< Install OS and customize Keystone >>>
Add openstack packages repository – On all nodes.
add-apt-repository -y cloud-archive:train
apt update
apt -y upgrade
On the controller node
apt install -y python3-openstackclient
Add MariaDB repository and install version 10.5 (controller node only)
wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
chmod +x mariadb_repo_setup
./mariadb_repo_setup --mariadb-server-version="mariadb-10.5"
apt update
apt -y upgrade
apt install -y mariadb-server python-pymysql
Create /etc/mysql/mariadb.conf.d/99-openstack.cnf with following contents. Note : innodb_buffer_pool_size depends on memory available in server, in my case 224G was available. Default is 128M for – Typical home labs that should be enough.
[mysqld]
# Bind address will typically be the management IP of the controller node
bind-address = 10.99.1.3
# Size depends on the resources available - You can leave it to default by not adding the config
innodb_buffer_pool_size = 8G
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
Restart mariadb
service mysql restart
Better to disable root login from remote systems
mysql_secure_installation
Interactions as shown below
Enter current password for root (enter for none): (Just pressed enter as no password is set)
Switch to unix_socket authentication [Y/n] n
Change the root password? [Y/n] n
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
For every service we will be creating a service account
typically involving a password. For simplicity I used a
standard password 'password' for all password needs.
Install message queue component, add user account and set permissions (controller node only)
apt install -y rabbitmq-server
rabbitmqctl add_user openstack password
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
systemctl enable rabbitmq-server.service
Install memcached (controller node only)
apt install -y memcached python-memcache
Edit the /etc/memcached.conf file and configure the service to use the management IP address of the controller node. This is to enable access by other nodes via the management network. Replace -l 127.0.0.1 to -l 10.99.1.3 (management IP address of host) and restart memcached
systemctl enable memcached
service memcached restart
Install etcd (controller node only)
apt install -y etcd
Edit the /etc/default/etcd file and set the ETCD_INITIAL_CLUSTER, ETCD_INITIAL_ADVERTISE_PEER_URLS, ETCD_ADVERTISE_CLIENT_URLS, ETCD_LISTEN_CLIENT_URLS to the management IP address of the controller node to enable access by other nodes via the management network. All default configurations were commented. So added the following
ETCD_NAME="controller"
ETCD_DATA_DIR="/var/lib/etcd"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER="controller=http://10.99.1.3:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.99.1.3:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.99.1.3:2379"
ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.99.1.3:2379"
Restart etcd
systemctl enable etcd
systemctl restart etcd