The OpenStack Services
Service | Project name | Description |
---|---|---|
Dashboard | Horizon | Web UI |
Compute service | Nova | Spawning, scheduling and decommissioning of VMs |
Networking service | Neutron | API to define network |
Object Storage service | Swift | Data replication in a server cluster |
Block Storage service | Cinder | Block Storage to run instances |
Identity Service | Keystone | Authentication and authorization |
Image service | Glance | VM images, instance provisioning |
Telemetry service | Ceilometer | Monitors and meters |
Orchestration service | Heat | Orchestrate multiple services |
Database service | Trove | Database-as-a-service |
Data Processing service | Sahara | Capabilities to provision and scale Hadoop clusters |
OpenStack architecture
- Database for CentOS
systemctl enable mysql.service
systemctl start mysql.service
- Message queue for CentOS
yum install rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
rabbitmqctl add_user openstack RABBIT_PASS
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
- Memcached to cache tokens for Identity service authentication
yum install memcached python-memcached
vi /etc/sysconfig/memcached
> OPTIONS="-l 127.0.0.1,::1,controller_id"
systemctl enable memcached.service
systemctl start memcached.service
- etcd as a key-value store
Hands-on learning
1. Create flavor
openstack flavor create --id x --vcpus x --ram x --disk x flavor_name
2. Generate a key pair
. demo-openrc #source credentials
ssh-keygen -q -N "" #generate key
openstack keypair create --public-key ~/.ssh/id_rsa.pub key_name
openstack keypair list
3. Add security group rules
Define the rules for instance access; access that no rule permits is blocked.
--proto: permit ICMP (ping) or SSH (secure shell)
openstack security group rule create --proto xxx --dst-port x security_group_name
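A check that follows from step 3, as an added example that is not part of the original notes: it reads a security group's rules as CSV and flags ingress rules that are open to any address. The CSV sample is constructed, and the column names passed to `-c` are assumptions about the client's output.

```shell
#!/bin/sh
# Constructed sample: CSV in the shape printed by a command such as
#   openstack security group rule list -f csv -c "Direction" \
#       -c "IP Protocol" -c "IP Range" -c "Port Range" security_group_name
# (column names are an assumption; check them against your client version).
sample_rules() {
cat <<'EOF'
"Direction","IP Protocol","IP Range","Port Range"
"egress","None","0.0.0.0/0",""
"ingress","icmp","0.0.0.0/0",""
"ingress","tcp","0.0.0.0/0","22:22"
"ingress","tcp","203.0.113.0/24","22:22"
"ingress","tcp","0.0.0.0/0","3306:3306"
EOF
}

# audit_rules: read the CSV on stdin and print one finding per ingress rule
# that is reachable from any address (0.0.0.0/0 or ::/0).
#   INFO = ICMP, WARN = SSH (narrow the source range), FAIL = anything else.
audit_rules() {
    awk -F',' '
    NR == 1 { next }                  # skip the header row
    {
        gsub(/"/, "")                 # drop CSV quoting; fields are re-split
        dir = $1; proto = $2; cidr = $3; ports = $4
        if (dir != "ingress") next
        if (cidr != "0.0.0.0/0" && cidr != "::/0") next
        if (proto == "icmp")       level = "INFO"
        else if (ports == "22:22") level = "WARN"
        else                       level = "FAIL"
        printf "%s %s %s from %s\n", level, proto, (ports == "" ? "any" : ports), cidr
    }'
}

# count_level LEVEL: number of findings at that level in the sample
count_level() {
    sample_rules | audit_rules | grep -c "^$1 "
}

sample_rules | audit_rules
```

To audit a real group, pipe the output of the rule list command into `audit_rules` instead of `sample_rules`.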
4. Create the provider network
. admin-openrc
openstack network create --share --external \
--provider-physical-network network_name \
--provider-network-type flat network_name
openstack subnet create --network network_name \
--allocation-pool start=START_IP_ADDRESS,end=END_IP_ADDRESS \
--dns-nameserver DNS_RESOLVER --gateway NETWORK_GATEWAY \
--subnet-range NETWORK_CIDR network_name
The DNS resolver can be found in /etc/resolv.conf.
5. Create a router
openstack router create router
neutron router-interface-add router network_name
neutron router-gateway-set router network_name
# see router information
ip netns
neutron router-port-list router
6. Determine instance options
openstack flavor list
openstack image list
openstack network list
openstack security group list
openstack server create --flavor xx --image xx \
--nic net-id=xx --security-group xx \
--key-name xx instance_name
openstack server list
7. Access the instance using the virtual console
openstack console url show instance_name
8. Access the instance using ssh
ssh cirros@xxx.xxx.xxx.xxx
#password cubswin:)
9. Block storage
openstack volume create --size x volume_name
openstack volume list
openstack server add volume instance_name volume_name
Firewalls and default ports
All the information about ports can be found here.
Frequently used ports:
Service | Default ports | Type |
---|---|---|
HTTP | 80 | Horizon for dashboard |
MySQL | 3306 | Database |
SSH | 22 | TCP |
To see the port range:
sysctl net.ipv4.ip_local_port_range