Skip to Content

Dokumentasi Lab-Installing Openstack

Table of Contents

A. Install Openstack menggunakan packstack

1. Login Server Menggunakan SSH

  • #ssh -l root <ip_server> -p <port_ssh> -D 5000

2. Generate ssh key pada node controller

  • ssh-keygen

copy ssh public key ke node controller dan compute1 menggunakan user root dan passwordnya

  • ssh-copy-id root@<ip_node_controller>
  • ssh-copy-id root@<ip_node_compute

3. Set Hostname node controller dan compute

**CATATAN**
nomor 3 - 9 konfigurasi pada node controller dan compute
  • nano /etc/hosts masukan host node controller, contoh masukkan 10.10.139.3 student-allinone student-allinone.id dibagian bawahnya 10.10.139.4 student-compute student-compute.id

4. Verifikasi repository dan upgrade semua packer

  • yum repolist
  • yum -y upgrade

5. Aktifkan NTP server

  • yum -y install chrony
  • systemctl enable chronyd
  • systemctl restart chronyd
  • systemctl status chronyd
  • chronyc sources

6. Disable Firewall

  • systemctl stop firewalld.service
  • systemctl disable firewalld.service
  • systemctl status firewalld.service

7. Disable NetworkManager

  • systemctl stop NetworkManager.service
  • systemctl disable NetworkManager.service
  • systemctl status NetworkManager.service

8. Aktifkan Network.service

  • systemctl enable network.service
  • systemctl restart network.service
  • systemctl status network.service

9. Install tool tambahan

  • yum -y install wget nano crudini screen

10. Buat partisi untuk openstack storage (cinder dan swift)

**CATATAN**
dari nomor 10 sampai seterusnya konfigurasi untuk node controller
  • fdisk /dev/vdb
buat seperti tabel dibawah
device|size | type
------|-----|-------
 vdb1 | 40G | 8e (Linux LVM)
 vdb2 | 4G  | 83 (Linux)
 vdb3 | 4G  | 83 (Linux)
  • partprobe
  • fdisk -l

11. Buat Volume Group untuk Cinder

  • yum -y install lvm2
  • pvcreate -f /dev/vdb1
  • pvs
  • vgcreate -f cinder-volumes /dev/vdb1
  • vgs

12. Buat filesystem XFS untuk Swift

  • mkfs.xfs /dev/vdb2
  • mkfs.xfs /dev/vdb3
  • mkfs.xfs /dev/vdb4

13. Install openstack-packstack dan openstack-utils

  • yum -y install openstack-packstack openstack-utils

14. Generate SSL key dan certificate

  • openssl req -x509 -sha256 -newkey rsa:2048 -keyout selfkey.key -out selfcert.crt -days 1024 -nodes
  • cp selfkey.key /etc/pki/tls/private/
  • cp selfcert.crt /etc/pki/tls/certs
  • mkdir -p /root/packstackca/certs/
  • cp selfcert.crt /root/packstackca/certs/10.10.139.3ssl_vnc.crt

15. Generate Packstack answer file

  • packstack --gen-answer-file=answer.txt

16. Edit answer file

  • nano answer.txt
** cari dan sesuaikan **

CONFIG_DEFAULT_PASSWORD=redhat
CONFIG_HEAT_INSTALL=y
CONFIG_COMPUTE_HOSTS=10.10.X.3,10.10.X.4
CONFIG_SSL_CERT_DIR=/root/packstackca/
CONFIG_KEYSTONE_ADMIN_PW=redhat
CONFIG_CINDER_VOLUMES_CREATE=n
CONFIG_NOVA_LIBVIRT_VIRT_TYPE=kvm
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat 
CONFIG_NEUTRON_ML2_FLAT_NETWORKS=physnet1 
CONFIG_NEUTRON_ML2_VXLAN_GROUP=239.1.1.2 
CONFIG_NEUTRON_ML2_VNI_RANGES=1001:2000 
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-ex 
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:eth1 
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=br-ex
CONFIG_HORIZON_SSL=y
CONFIG_SWIFT_STORAGES=/dev/vdb2,/dev/vdb3,/dev/vdb4 
CONFIG_SWIFT_STORAGE_REPLICAS=2 
CONFIG_SWIFT_STORAGE_FSTYPE=xfs
CONFIG_PROVISION_DEMO=n

17. Jalankan screen dan jalankan packstack di dalam screen

  • screen -R <nama_screen>
  • packstack --answer-file=answer.txt

18. Rubah enable_isolated_metadata di DHCP agent file

  • crudini --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
  • systemctl restart neutron-dhcp-agent
  • systemctl status neutron-dhcp-agent

19. Jalankan dan aktifkan virtlog service

  • systemctl status virtlogd
  • systemctl enable virtlogd
  • systemctl restart virtlogd
  • systemctl status virtlogd

20. Edit Horizon SSL httpd

  • nano /etc/httpd/conf.d/15-horizon_ssl_vhost.conf
**cari dan edit agar seperti berikut **

SSLCertificateFile      "/etc/pki/tls/certs/selfcert.crt"   
SSLCertificateKeyFile   "/etc/pki/tls/private/selfkey.key" 
  • systemctl restart httpd

21. Edit Nova console auth ssl configuration

  • crudini --set /etc/nova/nova.conf DEFAULT cert /etc/pki/tls/certs/selfcert.crt
  • crudini --set /etc/nova/nova.conf DEFAULT key /etc/pki/tls/private/selfkey.key
  • systemctl restart openstack-nova-consoleauth.service openstack-nova-novncproxy.service

22. Konfirmasi paket openstack telah diinstall

  • yum list installed openstack\*

23. Verifikasi instalasi openstack

  • openstack-status

24. Verifikasi openstack service

  • openstack-service status nova
  • openstack-service status glance
  • openstack-service status neutron
  • openstack-service status cinder

25. Menampilkan Hypervisor yang digunakan

  • source keystonerc_admin
  • openstack hypervisor list

26. Menampilkan agent Neutron dan statusnya

  • neutron agent-list

B. Membuat Project, user project

Dari node controller , gunakan keystone credetials di /root/keystonerc_admin, dan buat resource pada tabel dibawah. openstack project

1. Gunakan Keystone rc admin

  • source ~/keystonerc_admin

2. Buat Project dengan nama lab

  • openstack project create lab
[Penulisan] openstack project create <nama-project>

3. Buat User dengan nama cloud-lab

  • openstack user create --project lab --password redhat cloud-lab
[penulisan] openstack user create --project <nama-project> \
--password <isi-password> <nama-user>

4. Beri role admin pada user di project lab

  • openstack role add --project lab --user cloud-lab admin
[penulisan] openstack role add --project <nama-project> \
--user <nama-user> <role>

5. Buat keystone credential file untuk user cloud-lab.

  • nano /root/keystonerc_cloud-lab
unset OS_SERVICE_TOKEN 
export OS_USERNAME=cloud-lab 
export OS_PASSWORD=redhat 
export OS_AUTH_URL=http://10.10.X.3:5000/v2.0 
export PS1='[\u@\h \W(keystone_cloud-lab)]\$ ' 

export OS_TENANT_NAME=lab 
export OS_REGION_NAME=RegionOne

simpan file di /root/keystonerc_cloud-lab

C. Membuat Image

1. Gunakan keystonerc_cloud-lab

  • source ~/keystonerc_cloud-lab

2. gunakan perintah wget untuk mengunduh image rhel-7

  • wget \ http://repo.redhattalent.id:10280/image/rhel-server-7.8-x86_64-kvm-redhattalent.qcow2

3. import image ke repository glance.

  • openstack image create --disk-format qcow2 --file rhel-server-7.8-x86_64-kvm-redhattalent.qcow2 rhel7-image
[penulisan] openstack image create --disk-format <format> \
--file <nama-file> <nama-image>

D. Membuat Network dan Subnet public

Gunakan keystonerc_admin untuk membuat jaringan eksternal, nama jaringan eksternal adalah public dan nama subnet subpub, tandai sebagai eksternal. buat jaringan seperti pada tabel berikut. membuat network public hanya bisa digunakan pada user admin yaa tabel jaringan eksternal

1. Gunakan keystonerc_admin

  • source keystonerc_admin

2. Buat network public

  • openstack network create public --external --share --provider-network-type flat --provider-physical-network physnet1
  [penulisan] 
  openstack network create <nama-network> \
  --external --share --provider-network-type <type-network> \
  --provider-physical-network <type-physical-network>

3. Buat Subnet public

  • openstack subnet create subpub --subnet-range 10.20.139.0/24 --no-dhcp --gateway 10.20.139.1 --allocation-pool start=10.20.139.60,end=10.20.139.80 --network public
[penulisan]
openstack subnet create <nama-subnet> --subnet-range <ip-network> \
--no-dhcp --gateway <ip-gateway> \
--allocation-pool start=<ip-pool-awal>,end=<ip-pool-akhir> \
--network <nama-network>

E. Membuat Router, Network Private dan Subnet Private (local)

Gunakan user project cloud-lab dan buat router

1. Gunakan keystonerc_cloud-lab

  • source keystonerc_cloud-lab

2. Buat Router

  • openstack router create router1
[penulisan] openstack router create <nama-router>

3. Buat network private

  • openstack network create lab
[penulisan] openstack network create <nama-network>

4. Buat subnet Private

  • openstack create subnet sublab --subnet-range 192.168.0.0/24 --dhcp --network lab
[penulisan] openstack create subnet <nama-subnet> \
--subnet-range <ip-network> --dhcp --network <nama-network>

5. Hubungkan router ke network private

Hubungkan router ke network private sublab

  • openstack router add subnet router1 sublab
[penulisan] openstack router add subnet <nama-router> <nama-subnet-private>

F. Membuat security rule dan membuat keypair ssh

Roles untuk menentukan roles dalam mengakses Instances gunakan user cloud-lab, buat security rule di default security group, biarkan remote via ssh, dan buat kunci ssh yaitu lab-keypair, rumah permission lab-keypair.pem menggunakan perintah chmood dengan nilai 600. lihat detail tabel berikut. Openstack Security Resources

1. Gunakan user cloud-lab

  • source keystonerc_cloud-lab

2. Cari ID project lab

  • openstack project list

3. Cari ID dari security group default di project lab

Cari ID dari security group default di project lab. cari security group id menggunakan id project

  • openstack security group list -f json

4. Tambahkan rule security group

Tambahkan rule security group di default security group untuk remote via ssh. Gunakan ID security group dari command sebelumnya

  • openstack security group rule create --protocol tcp --dst-port 22 ba8348cb-6d57-4f53-a141-54818e3723fe

5. Buat keypair

Buat Keypair nama lab-keypair dan gunakan perintah chmod rubah attribute file dari keypair tadi.

  • openstack keypair create lab-keypair > lab-keypair.pem
  • chmod 600 lab-keypair.pem

G. Membuat Instance

Gunakan user cloud-lab, buat instance rhel7-instance, perhatikan tabel berikut: Resource Instance

1. Buat Instance

Buat instance dengan menggunakan resources yang dibuat sebelumnya, seperti image, network, keypair dan lain-lain.

  • openstack server create --image rhel7-image --flavor m1.small --key-name lab-keypair --nic net-id=lab --wait rhel7-instance
[penulisan]
openstack server create <nama-instance> --image <nama-image> \
--flavor <nama-flavor> --key-name <nama-keypair> \
--nic net-id=<nama-network> --wait

2. Lihat status instance

  • openstack server list

H. Membuat floating IP

Gunakan user cloud-lab, buat floating IP dengan ip 10.20.139.28 associate floating ip ke instance rhel7-instance

1. Gunakan user cloud-lab

  • source keystonerc_cloud-lab

2. Buat floating ip

Dari pool floating ip public, buat floating ip dengan ip 10.20.139.28

  • openstack floating ip create --floating-ip-address 10.20.139.28 public
[penulisan]
openstack floating ip create --floating-ip-address <ip-address> <nama-network-public>

3. verifikasi bahwa ip address sukses di tabmahkan

  • openstack server list

I. Remote instance menggunakan ssh

Gunakan perintah ssh dengan kunci untuk menghubungkan dengan instance.

  • ssh -i lab-keypair.pem cloud-user@10.20.139.28

J. Memberi quota pada project

Pada project lab batasi atau berikan quota 4 VCPUs, RAM 7500MB dan 4 instances

  • openstack quota set --project lab --cores 4 --instances 4 --ram 7500
[penulisan]
openstack quota set --project <nama-project> \
--cores <jumlah-core> --instances <jumlah-instance> \
--ram <jumlah-ram-satuan-MB>
comments powered by Disqus