Book Image

Production Ready OpenStack - Recipes for Successful Environments

By : Arthur Berezin
Book Image

Production Ready OpenStack - Recipes for Successful Environments

By: Arthur Berezin

Overview of this book

OpenStack is the most popular open source cloud platform used by organizations building internal private clouds and by public cloud providers. OpenStack is designed in a fully distributed architecture to provide Infrastructure as a Service, allowing us to maintain a massively scalable cloud infrastructure. OpenStack is developed by a vibrant community of open source developers who come from the largest software companies in the world. The book provides a comprehensive and practical guide to the multiple uses cases and configurations that OpenStack supports. This book simplifies the learning process by guiding you through how to install OpenStack in a single controller configuration. The book goes deeper into deploying OpenStack in a highly available configuration. You'll then configure Keystone Identity Services using LDAP, Active Directory, or the MySQL identity provider and configure a caching layer and SSL. After that, you will configure storage back-end providers for Glance and Cinder, which will include Ceph, NFS, Swift, and local storage. Then you will configure the Neutron networking service with provider network VLANs, and tenant network VXLAN and GRE. Also, you will configure Nova's Hypervisor with KVM, and QEMU emulation, and you will configure Nova's scheduler filters and weights. Finally, you will configure Horizon to use Apache HTTPD and SSL, and you will customize the dashboard's appearance.
Table of Contents (16 chapters)
Production Ready OpenStack - Recipes for Successful Environments
About the Author
About the Reviewers

Configuring hosts prerequisites

Every host running OpenStack services should have the following prerequisite configurations to successfully deploy OpenStack.

Getting ready

To successfully install OpenStack, every host needs to follow a few steps for the configuration. Every host needs to configure RDO yum repository from which we are going to install OpenStack packages. This can be done by manually configuring yum repository /etc/yum.repos.d/OpenStack.repo or installing them directly from RDO repository.

In addition, every node needs to enable firewalld service, enable SELinux and install OpenStack SELinux policies, enable and configure NTP, and also install the OpenStack utils package.

How to do it...

Perform the following steps to install and configure OpenStack prerequisites:

Yum repositories

To install OpenStack RDO distribution, we need to add RDO's yum repository on all nodes and epel, yum repository for additional needed packages:

  1. Install yum-plugin-priorities packages, which enables repositories management in yum:

    # yum install yum-plugin-priorities -y
  2. Install rdo-release package, which configures RDO repos in /etc/yum.repos.d:

    # yum install -y
  3. Install epel repository package, which configures epel repos in /etc/yum.repos.d:

    # yum install -y epel-release

Firewall service

The default netfilter firewalld service in CentOS 7.0 is firewall. For security reasons, we need to make sure that firewalld service is running and enabled, so it is started after reboot:

  1. Start firewalld service as follows:

    # systemctl start firewalld.service
  2. Enable firewalld service, as follows, so that it's started after host reboot as well:

    # systemctl enable firewalld.service


Throughout this book, we will open ports needed for OpenStack to operate using the firewalld-cmd command.

openstack-utils Package

openstack-utils package brings utilities that ease OpenStack configuration and management of OpenStack services. openstack-utils includes the following utilities:

  • /usr/bin/openstack-config: Manipulates OpenStack configuration files

  • /usr/bin/openstack-db: Creates databases for OpenStack services

  • /usr/bin/openstack-service: Control-enabled OpenStack services

  • /usr/bin/openstack-status: Show status overview of installed OpenStack

Install openstack-utils package:

# yum install openstack-utils


It is highly recommended to ensure that SELinux is enabled and in an enforcing state. the package openstack-selinux adds SELinux policy modules for OpenStack services.

  1. Ensure that SELinux is enforcing, and run the getenforce command as follows:

    # getenforce 

    The output should say SELinux is enforcing

  2. Install openstack-selinux package:

    # yum install openstack-selinux


OpenStack services are deployed over multiple nodes. For services' successful synchronization, all nodes running OpenStack need to have a synchronized system clock, and NTP service can be used for this:

  1. Install ntpd package as follows:

    # yum install ntp
  2. Start and enable ntpd as follows:

    # systemctl start ntpd
    # systemctl enable ntpd