OpenStack is an open source solution that enables companies to deploy resources within a shortest time possible similar to commercially available cloud environments. The development of this solution is under Openstack foundation. Openstack is able to control large pools of compute, networking, and storage resources, all managed through APIs or a dashboard.
If you’re interested in building Infrastructure as a Service (IaaS) platforms – both private and public cloud, OpenStack is a solution you should consider. It comes with a dashboard (Horizon) that gives administrators control of the systems while empowering end users and tenants to provision resources through a web interface. Command line interface and REST API is also available for management and resources provisioning.
In this article we shall perform an installation of OpenStack cloud platform using Packstack. This can only be used in Development and to demo capabilities of OpenStack to potential customers. It is not recommended to deploy Production OpenStack cloud platform using Packstack. For such applications consider other solutions such as TripleO, Kolla-ansible, OpenStack Charms, OpenStack Kayobe, Mirantis Fuel, Red Hat OpenStack, or any other solution of such magnitude.
Install OpenStack using Packstack on Rocky Linux / AlmaLinux 8
Packstack is command line tool that uses Puppet modules to deploy various parts of OpenStack on multiple pre-installed servers over SSH automatically. It only supports deployment of OpenStack on RHEL based systems, i.e CentOS, Red Hat Enterprise Linux (RHEL), Rocky Linux, AlmaLinux, e.t.c.
For this setup we’re using a server with the following hardware specifications.
CPU: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz (12 Cores)
Memory: 128GB RAM
Disk: 2 x 1TB SSD
Network: 1Gbit
IPV4 Adresses: 1 x IPV4 + /27 Subnet (30 IPs)
It’s your responsibility to perform OS installation on the server prior to OpenStack installation on the system.
Step 1: Update System and set hostname
It’s a recommendation that correct hostname is set on the server.
sudo hostnamectl set-hostname openstack-node.example.com
Ensure local name resolution is working on your server. Also consider adding an A record if you have a working DNS server in your infrastructure. If no DNS server the settings can be mapped in hosts file.
$ sudo vi /etc/hosts
192.168.10.11 openstack-node.example.com
Disable SELinux:
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
If you’re performing the installation on Rocky Linux 8 / AlmaLinux 8, perform these extra steps:
# Disable Firewalld
sudo systemctl disable firewalld
sudo systemctl stop firewalld
# Install network-scripts package
sudo dnf install network-scripts -y
# Disable NetworkManager
sudo systemctl disable NetworkManager
sudo systemctl stop NetworkManager
# Start Network Service
sudo systemctl enable network
sudo systemctl start network
Update your OS packages with below command:
sudo dnf update -y
A reboot is a good option after a successful upgrade.
sudo reboot
Step 2: Configure OpenStack Yoga YUM Repository
As of the time this article is updated, the latest OpenStack release is Yoga. If you need more details on this OpenStack release refer to its official documentation.
sudo dnf -y install https://repos.fedorapeople.org/repos/openstack/openstack-yoga/rdo-release-yoga-1.el8.noarch.rpm
Confirm the repository has been added and usable on the system.
$ sudo dnf repolist
repo id repo name
advanced-virtualization CentOS-8 - Advanced Virtualization
appstream Rocky Linux 8 - AppStream
baseos Rocky Linux 8 - BaseOS
centos-nfv-openvswitch CentOS-8 - NFV OpenvSwitch
centos-rabbitmq-38 CentOS-8 - RabbitMQ 38
ceph-pacific CentOS-8 - Ceph Pacific
extras Rocky Linux 8 - Extras
openstack-yoga OpenStack Yoga Repository
Let’s update all packages on the system to the latest releases on the repos.
sudo dnf update -y
Step 3: Install Packstack package / generate answers file
Enable PowerTools / CRB repositories:
sudo dnf config-manager --enable powertools
Install packstack which is provided by openstack-packstack package.
sudo dnf install -y openstack-packstack
Confirm successful installation by querying for the version.
$ packstack --version
packstack 20.0.0
Command options:
$ packstack --help
If you need customized installation of OpenStack on Rocky Linux 9 / Rocky Linux 8 then generate answers
file which defines variables that modifies installation of OpenStack services.
sudo packstack --os-neutron-ml2-tenant-network-types=vxlan \
--os-neutron-l2-agent=openvswitch \
--os-neutron-ml2-type-drivers=vxlan,flat \
--os-neutron-ml2-mechanism-drivers=openvswitch \
--keystone-admin-passwd=StrongAdminPassword \
--nova-libvirt-virt-type=kvm \
--provision-demo=n \
--cinder-volumes-create=n \
--os-heat-install=y \
--os-swift-install=n \
--os-horizon-install=y \
--gen-answer-file /root/answers.txt
Set the Keystone / admin user password --keystone-admin-passwd
. If you don’t have extra storage for Cinder you can use loop device for volume group by cinder-volumes-create=y but performance will not be good. Above are the standard settings but you can pass as many options as it suites your desired deployment.
You can modify the answers file generated to add more options.
sudo vi /root/answers.txt
Step 4: Install OpenStack With Packstack
The easiest way is to deploy using default parameters and settings, this will configure the host as Controller and Compute.
#Disable the demo provisioning
sudo packstack --allinone --provision-demo=n
# With Demo
sudo packstack --allinone
If you’re using the contents in the answers file initiate deployment of OpenStack with the commands below:
sudo packstack --answer-file /root/answers.txt
Sample installation output extracted from out deployment:
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20220905-230443-accvjfxd/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.200.5_controller.pp
192.168.200.5_controller.pp: [ DONE ]
Applying 192.168.200.5_network.pp
192.168.200.5_network.pp: [ DONE ]
Applying 192.168.200.5_compute.pp
192.168.200.5_compute.pp: [ DONE ]
Applying 192.168.200.5_controller_post.pp
192.168.200.5_controller_post.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
Step 5: Access OpenStack from CLI / Horizon Dashboard
After a successful installation OpenStack can be administered using openstack
CLI tool or from Web Dashboard. Take note of access details printed on the screen.
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* A new answerfile was created in: /root/packstack-answers-20220906-132920.txt
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.200.5. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.200.5/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* Because of the kernel update the host 192.168.200.5 requires reboot.
* The installation log file is available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/manifests
Source keystonerc_admin file:
sudo -i
source ~/keystonerc_admin
List OpenStack services using commands shared below:
$ openstack service list
+----------------------------------+-----------+--------------+
| ID | Name | Type |
+----------------------------------+-----------+--------------+
| 30b78dc06b9f4aa0ad5239e656d33f46 | cinderv3 | volumev3 |
| 324eeb0f88e2474786f00ff5d5d64819 | aodh | alarming |
| 39c6ce97e8994234b6e42a9f34e8001e | neutron | network |
| 3ec7e0dc135c41cc81651f5bee276a03 | keystone | identity |
| 7da8184e096a440b810602d4cc5e964b | glance | image |
| 907720359882414c90cbdce33d2dcac8 | gnocchi | metric |
| 9b99c9f02cc345ce8d71635a5519113f | placement | placement |
| c8f1c94982a64146897307dd8e3c8af8 | swift | object-store |
| f856abaa681746f0b5bab1c0a8ec7365 | nova | compute |
+----------------------------------+-----------+--------------+
To access Horizon Dashboard use the URL: http://ServerIPAddress/dashboard. Login with admin as User Name and Keystone Admin Password in cat ~/keystonerc_admin
Step 6: Configure Neutron Networking
Check your primary interface on the server:
$ ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff
inet 192.168.200.5/24 brd 192.168.200.255 scope global ens18
valid_lft forever preferred_lft forever
inet6 fe80::f037:74ff:fea4:77ae/64 scope link
valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 26:65:55:60:5b:aa brd ff:ff:ff:ff:ff:ff
4: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 96:12:ae:de:e9:40 brd ff:ff:ff:ff:ff:ff
inet6 fe80::9412:aeff:fede:e940/64 scope link
valid_lft forever preferred_lft forever
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff
Migrate your primary interface network configurations to a bridge. These are the updated network configurations on my server.
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-ens18
DEVICE=ens18
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=192.168.200.5
NETMASK=255.255.255.0
GATEWAY=192.168.200.1
DNS1=192.168.200.1
Once the configurations for the network are updated, create OVS bridge and add the interface.
sudo ovs-vsctl add-port br-ex ens18
Reboot after making the changes to confirm the settings are corrent:
sudo reboot
Since NetworkManager service was disabled it cannot be used to manage network configurations. To restart network service using network.service
.
sudo systemctl restart network.service
Confirm IP address information.
$ ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff
inet6 fe80::f037:74ff:fea4:77ae/64 scope link
valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 02:ab:a7:4f:0a:9d brd ff:ff:ff:ff:ff:ff
4: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 02:86:4d:4d:c0:40 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.5/24 brd 192.168.200.255 scope global br-ex
valid_lft forever preferred_lft forever
inet6 fe80::86:4dff:fe4d:c040/64 scope link
valid_lft forever preferred_lft forever
Create private network on OpenStack.
$ openstack network create private
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:03:11Z |
| description | |
| dns_domain | None |
| id | 6b311b90-3ee3-4ad8-a746-853d3952fabe |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1442 |
| name | private |
| port_security_enabled | True |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| provider:network_type | geneve |
| provider:physical_network | None |
| provider:segmentation_id | 11 |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-09-06T12:03:11Z |
+---------------------------+--------------------------------------+
Create a subnet for the private network:
$ openstack subnet create --network private --allocation-pool \
start=172.20.20.50,end=172.20.20.200 \
--dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4 \
--subnet-range 172.20.20.0/24 private_subnet
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 172.20.20.50-172.20.20.200 |
| cidr | 172.20.20.0/24 |
| created_at | 2022-09-06T12:04:27Z |
| description | |
| dns_nameservers | 8.8.4.4, 8.8.8.8 |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 172.20.20.1 |
| host_routes | |
| id | b5983809-f905-4419-b995-91ec3e22b401 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | private_subnet |
| network_id | 6b311b90-3ee3-4ad8-a746-853d3952fabe |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-09-06T12:04:27Z |
+----------------------+--------------------------------------+
Create public network:
$ openstack network create --provider-network-type flat \
--provider-physical-network extnet \
--external public
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:05:27Z |
| description | |
| dns_domain | None |
| id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | public |
| port_security_enabled | True |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| provider:network_type | flat |
| provider:physical_network | extnet |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-09-06T12:05:27Z |
+---------------------------+--------------------------------------+
Define subnet for the public network. It could be an actual public IP network.
$ openstack subnet create --network public --allocation-pool \
start=192.168.200.10,end=192.168.200.200 --no-dhcp \
--subnet-range 192.168.200.0/24 public_subnet
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 192.168.200.10-192.168.200.200 |
| cidr | 192.168.200.0/24 |
| created_at | 2022-09-06T12:07:51Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | False |
| gateway_ip | 192.168.200.1 |
| host_routes | |
| id | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public_subnet |
| network_id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-09-06T12:07:51Z |
+----------------------+--------------------------------------+
Create a router that will connect public and private subnets.
$ openstack router create private_router
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:08:21Z |
| description | |
| external_gateway_info | null |
| flavor_id | None |
| id | dfc365da-ab4e-484a-91bb-c2727627d448 |
| name | private_router |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2022-09-06T12:08:21Z |
+-------------------------+--------------------------------------+
Set external gateway as public network on the router.
openstack router set --external-gateway public private_router
Link private network to the router.
openstack router add subnet private_router private_subnet
Check to ensure network connectivity is working.
$ openstack router list
+--------------------------------------+----------------+--------+-------+----------------------------------+
| ID | Name | Status | State | Project |
+--------------------------------------+----------------+--------+-------+----------------------------------+
| dfc365da-ab4e-484a-91bb-c2727627d448 | private_router | ACTIVE | UP | 8b20c86cf35943af8a17cb1805ea52d1 |
+--------------------------------------+----------------+--------+-------+----------------------------------+
$ openstack router show private_router | grep external_gateway_info
| external_gateway_info | {"network_id": "81ef07c8-9925-46e4-a1b8-25d860ef32bc", "external_fixed_ips": [{"subnet_id": "7ee4595b-50cf-4074-9fa8-339376c4a71a", "ip_address": "192.168.200.169"}], "enable_snat": true} |
$ ping -c 2 192.168.200.169
PING 192.168.200.169 (192.168.200.169) 56(84) bytes of data.
64 bytes from 192.168.200.169: icmp_seq=1 ttl=254 time=0.260 ms
64 bytes from 192.168.200.169: icmp_seq=2 ttl=254 time=0.302 ms
--- 192.168.200.169 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.260/0.281/0.302/0.021 ms
Step 7: Spin a test instance
Our OpenStack Cloud platform should be ready for use. We’ll download Cirros cloud image.
mkdir ~/images && cd ~/images
sudo yum -y install curl wget
VERSION=$(curl -s http://download.cirros-cloud.net/version/released)
wget http://download.cirros-cloud.net/$VERSION/cirros-$VERSION-x86_64-disk.img
Upload Cirros image to Glance store.
openstack image create --disk-format qcow2 \
--container-format bare --public \
--file ./cirros-$VERSION-x86_64-disk.img "Cirros"
Confirm image uploaded
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 98d260ec-1ccc-46d6-bfb7-f52ca478dd0e | Cirros | active |
+--------------------------------------+--------+--------+
Create Security Group for all access.
openstack security group create permit_all --description "Allow all ports"
openstack security group rule create --protocol TCP --dst-port 1:65535 --remote-ip 0.0.0.0/0 permit_all
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 permit_all
Create another security group for limited access – standard access ports ICMP, 22, 80, 443
openstack security group create limited_access --description "Allow base ports"
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 22 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 80 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 443 --remote-ip 0.0.0.0/0 limited_access
List all security groups:
openstack security group list
Confirming. rules in the security group.
openstack security group show permit_all
openstack security group show limited_access
Create Private Key
$ ssh-keygen # if you don't have ssh keys already
Add key to Openstack:
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub admin
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| created_at | None |
| fingerprint | 63:c9:01:ae:57:89:f8:ff:4b:e9:0e:68:7d:49:be:eb |
| id | admin |
| is_deleted | None |
| name | admin |
| type | ssh |
| user_id | 720b4dce6c2946c9bc71ae3c3032e256 |
+-------------+-------------------------------------------------+
Confirm keypair is available on OpenStack:
$ openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| admin | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
+-------+-------------------------------------------------+
Listing available networks:
$ openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 6b311b90-3ee3-4ad8-a746-853d3952fabe | private | b5983809-f905-4419-b995-91ec3e22b401 |
| 81ef07c8-9925-46e4-a1b8-25d860ef32bc | public | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
+--------------------------------------+---------+--------------------------------------+
Check available instance flavors:
$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+
Let’s create an instance on the private network
openstack server create \
--flavor m1.tiny \
--image "Cirros" \
--network private \
--key-name admin \
--security-group permit_all \
mycirros
Check if the instance is created successfully.
$ openstack server list
+--------------------------------------+----------+--------+----------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+----------------------+--------+---------+
| a261586f-bfff-46fa-9eb8-6f002e548429 | mycirros | ACTIVE | private=172.20.20.67 | Cirros | m1.tiny |
+--------------------------------------+----------+--------+----------------------+--------+---------+
To associate a floating IP from the public subnet use the guide below:
For simplicity we’ll include commands here:
$ openstack floating ip create --project admin --subnet public_subnet public
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2022-09-06T12:30:29Z |
| description | |
| dns_domain | |
| dns_name | |
| fixed_ip_address | None |
| floating_ip_address | 192.168.200.110 |
| floating_network_id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| id | 8f7b287c-b3a0-4fa3-b496-1940f3d86466 |
| name | 192.168.200.110 |
| port_details | None |
| port_id | None |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
| tags | [] |
| updated_at | 2022-09-06T12:30:29Z |
+---------------------+--------------------------------------+
$ openstack server add floating ip mycirros 192.168.200.110
$ openstack server list
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
| a261586f-bfff-46fa-9eb8-6f002e548429 | mycirros | ACTIVE | private=172.20.20.67, 192.168.200.110 | Cirros | m1.tiny |
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
#Ping Server
$ ping -c 2 192.168.200.110
PING 192.168.200.110 (192.168.200.110) 56(84) bytes of data.
64 bytes from 192.168.200.110: icmp_seq=1 ttl=63 time=0.926 ms
64 bytes from 192.168.200.110: icmp_seq=2 ttl=63 time=0.883 ms
--- 192.168.200.110 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1065ms
rtt min/avg/max/mdev = 0.883/0.904/0.926/0.036 ms
Once floating IP is assigned you can ssh to the instance with private key.
$ ssh cirros@192.168.200.110
The authenticity of host '192.168.200.110 (192.168.200.110)' can't be established.
ECDSA key fingerprint is SHA256:EDeKOm4TYWzqtH/2AJrIY1ss7OsM+KZ6/JHg/1fr2ec.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.200.110' (ECDSA) to the list of known hosts.
$ cat /etc/os-release
NAME=Buildroot
VERSION=2019.02.1-00002-g77a944c-dirty
ID=buildroot
VERSION_ID=2019.02.1
PRETTY_NAME="Buildroot 2019.02.1"
$ ping geeksforgeeks.org -c 2
PING geeksforgeeks.org (104.26.5.192): 56 data bytes
64 bytes from 104.26.5.192: seq=0 ttl=56 time=22.220 ms
64 bytes from 104.26.5.192: seq=1 ttl=56 time=22.190 ms
--- geeksforgeeks.org ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 22.190/22.205/22.220 ms
For instance deployment with Terraform check:
I hope this article was helpful in the process of installing OpenStack on Rocky Linux / AlmaLinux server. This deployment method is not for highly Production deployments of OpenStack. Review other OpenStack deployment methods fit for Production setups.
More articles on OpenStack:
Install / Run Fedora CoreOS (FCOS) on KVM / OpenStack
How To resize/extend Cinder Volume in OpenStack
How To rename an Instance/Server in OpenStack