OpenStack is an open-source platform used primarily for managing the hardware, storage, and network setup of your cloud environments through a web browser dashboard or a command line. In addition to management of your cloud, you can also build and deploy your instances.
In this tutorial, we will cover how to install OpenStack on CentOS 7. We will be logged in as the root user on an unmanagedCentOS 7 server with only LAMP stack installed on it.
1. Verify Your Server's Initial Configuration
Before installation, make sure that everything on the server is up to date by running the yum update command. This command will check repositories and notify you if anything needs to be updated.
[root@host ~]# yum update
The below prompt will indicate how many packages require updates after running the yum command. Press y and then Enter to install the necessary packages.
Transaction Summary ========================================================================================================== Install 2 Packages (+1 Dependent package) Upgrade 171 Packages Total download size: 606 M Is this ok [y/d/N]:
Disable Unnecessary Services
Stop and disable any services that we do not need by running the below command.
[root@host ~]# ss -tulpn
The result of the command will show a list of all running services and the ports on which they are listening, depending on which services are running on your server.
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 *:48219 *:* users:(("haproxy",pid=71524,fd=6),("haproxy",pid=71523,fd=6)) tcp LISTEN 0 128 *:22 *:* users:(("sshd",pid=940,fd=3)) tcp LISTEN 0 100 127.0.0.1:25 : users:(("master",pid=71392,fd=13)) tcp LISTEN 0 128 *:5000 *:* users:(("haproxy",pid=71524,fd=5)) tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=940,fd=4)) tcp LISTEN 0 100 [::1]:25 [::]:* users:(("master",pid=71392,fd=14)) tcp LISTEN 0 128 [::ffff:127.0.0.1]:9200 [::]:* users:(("java",pid=45448,fd=254)) tcp LISTEN 0 128 [::1]:9200 [::]:* users:(("java",pid=45448,fd=253)) tcp LISTEN 0 128 [::ffff:127.0.0.1]:9300 [::]:* users:(("java",pid=45448,fd=251)) tcp LISTEN 0 128 [::1]:9300 [::]:* users:(("java",pid=45448,fd=250))
Only the SSH daemon should remain active. Therefore, I will disable everything except the SSH daemon, including the HAProxy load balancer and Elasticsearch (running under Java), with the command below.
[root@host ~]# systemctl stop haproxy && systemctl disable haproxy; systemctl stop elasticsearch.service && systemctl disable elasticsearch.service
Once you disable all the unnecessary services, rerun the ss-tulpn command from above. If only the SSH daemon remains, the output will look like this. If you see more than just the SSH daemon, repeat the disable process and recheck the active services.
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port tcp LISTEN 0 128 *:22 *:* users:(("sshd",pid=940,fd=3)) tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=940,fd=4))
If the SSH daemon is the only service left on the list, you are ready to move to the next step.
Check if SELinux is Disabled
Check if security-enhanced Linux (SELinux) is enabled on your server by running the getenforce command. If it is disabled, the output will return Disabled.
[root@host ~]# getenforce Disabled
If SELinux is still enabled, the output will return Enforcing.
[root@host ~]# getenforce Enforcing
Red Hat can help you set SELinux to permissive or disabled.
Set Your System Hostname
The last step in the initial configuration is to set your hostname to match a fully qualified domain name (FQDN) on which your OpenStack installation will run.
Change set-hostname to your preferred hostname.
[root@host ~]#hostnamectl set-hostname host.OpenStack.lan
Since no output is produced, verify you set your hostname correctly by using the following command.
[root@host ~]# hostname -f
The output will show you the name of the current hostname. If it shows your preferred hostname, then you are up to date.
2. Install OpenStack with PackStack Package
PackStack deploys different components of OpenStack on CentOS and Red Hat Enterprise Linux (RHEL) servers. First, we need to enable the RDO (RPM Distribution of OpenStack) repository with this command.
[root@host ~]# yum install https://www.rdoproject.org/repos/rdo-release.rpm
When prompted, press y and then Enter to get the result below.
Running transaction Installing : rdo-release-train-1.noarch 1/1 Verifying : rdo-release-train-1.noarch 1/1 Installed: rdo-release.noarch 0:train-1 Complete!
Now use yum to install the PackStack package. The output for this command will be relatively large.
[root@host ~]# yum install openstack-packstack
After the output below appears, press y and then Enter.
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Cloud Importing GPG key 0x764429E6: Userid : "CentOS Cloud SIG (http://wiki.centos.org/SpecialInterestGroup/Cloud) email@example.com" Fingerprint: 736a f511 6d9c 40e2 af6b 074b f9b9 fee7 7644 29e6 Package : rdo-release-train-1.noarch (@/rdo-release) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Cloud
Once the key is retrieved, you will see the below output, which indicates the PackStack package has been installed.
Installed: openstack-packstack.noarch 1:15.0.1-2.el7 Complete!
3. OpenStack Cloud Configuration File
Create a Configuration File
To generate a configuration file within PackStack, run the following command.
[root@host ~]# packstack --gen-answer-file=$(date +"%d.%m.%y").conf
This command will make sure the generated file includes the date of creation, as is shown below.
Packstack changed given value to required value /root/.ssh/id_rsa.pub Additional information: Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks
Find your newly created configuration file by using the ls command. As shown below, our configuration file is 22.06.21.conf.
[root@host ~]# ls 22.06.21.conf haproxy.tar.gz results1.nmap results.gnmap results.xml haproxy-2.3.10 results1.gnmap results1.xml results.nmap
Edit Configuration File
Now we will use a text editor to edit the configuration file. Open the 22.06.21.conf file and update any lines containing passwords where appropriate.
[root@host ~]# vi 22.06.21.conf
Update the remaining parameters as shown below but incorporating your own passwords.
After editing, save and close the file with the :wq command in your editor.
Lastly, update the file to allow root login. Open the file with the editor.
[root@host ~]# vi /etc/ssh/sshd_config
A line of code beginning with the pound sign (#) is a comment within the code and not read by the system. Remove the pound sign in front of the PermitRootLogin yes line to make it active, as shown below. Save your changes once complete.
#LoginGraceTime 2m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10
Lastly, restart the SSH daemon.
[root@host ~]# systemctl restart sshd
4. How to Install OpenStack
Finally, we can start the OpenStack Installation. Use the configuration file just edited and run the below command.
[root@host ~]# packstack --answer-file 22.06.21.conf
The install process will take some time, but you will see various services installed throughout the process. The generated output is shown below.
Preparing Ceilometer entries [ DONE ] Preparing Aodh entries [ DONE ] Preparing Puppet manifests [ DONE ] Copying Puppet modules and manifests [ DONE ] Applying 220.127.116.11_controller.pp 18.104.22.168_controller.pp: [ DONE ] Applying 22.214.171.124_network.pp 126.96.36.199_network.pp: [ DONE ] Applying 188.8.131.52_compute.pp 184.108.40.206_compute.pp: [ DONE ] Applying Puppet manifests [ DONE ] Finalizing [ DONE ] **** Installation completed successfully ****** Additional information: * File /root/keystonerc_admin has been created on OpenStack client host 220.127.116.11. To use command line tools you need to source the file. * NOTE : A certificate was generated to be used for SSL, You should change the SSL certificate configured in /etc/httpd/conf.d/ssl.conf on 18.104.22.168 to use CA signed cert. * To access the OpenStack Dashboard browse to http://22.214.171.124/dashboard. Please, find your login credentials stored in the keystonerc_admin in your home directory. The installation log file is available at: /var/tmp/packstack/20210622-135452-6hMTPK/openstack-s etup.log
5. Launch the OpenStack Dashboard
Type in the following into your browser. Replace the IP address shown below with your own.
The OpenStack login screen will appear.
Input admin as the username and the password established in the configuration file. Click Sign In.
A successful login will show the OpenStack dashboard.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.