How to devStack on single machine with Overlay VxLAN Tunnels part1

Installing OpenStack from Source
  
Bare Fact's 

● Project Git Trees: 30 - 40                                 
● Python Dependencies: 50 – 100                 
● Linux Distro Dependencies: > 100               
● Databases: 5 – 10                                              
● Configuration Changes to System: ... a lot

• Written in Bash

• Prompts for 5 passwords

• Supports latest master +

• supported stable branches

• Core part of OpenStack's testing infrastructure

• Core part of OpenStack developer workflo

What DevStack Does
● Installing all prereq software via packages or pip
● Installing all OpenStack software via git to latest master
● Configuring and installing working database schema
● Configuring hypervisor, storage backends, networks
● Creating service ids and service catalog entries to connect all components
● Starting all OpenStack services under screen (for easy hot fix)
● Creating Apache configuration for web dashboard 
● Creates working Tempest config in /opt/stack/tempest
WARNING: DevStack will massively modify your OS. Do not run on a laptop unless you know what your doing. 

OpenStack conceptual architecture

Caveat Developer

● 4G memory recommended
● Be extremely careful with changes in /opt/stack
● Does not reclone git trees by default
● If all else goes wrong... ./clean.sh should fix it

Under normal circumstance, we would provide our OpenStack hosts with two networks in order to implement a logical separation between the external network and the OpenStack hosts.  The external network (or provider network) contains the resources which we will  provide to the virtual machines running on the hosts.  The host network will be used in order to provide a separate environment for the OpenStack components to communicate with one another.  In other words, the virtual machines will never see the host network.  If the hosts do not have multiple network interfaces, we can implement the logical separation by creating a separate VLAN interface on the host.  And that's what is going to happen on this how to, I'm assuming you have a machine with single network card and you want to leverage the power of devstask and pox controller. The L2 device doesn't have to support VLAN tagging for this to work.

Basic Preparations

Start with a fresh installation of Ubuntu 14.04.1 LTS.

During Os installation when prompted to select software to install only select OpenSSHserver

figure out the ip address of the box if using DHCP, start ssh session to the box and proceed  with the proceedings.

Enable root login

weed@cloud2:~$ sudo passwd

[sudo] password for weed:

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

login as root

weed@cloud2:~$ su -

Password:   # password specified above

add a user to install DevStack (for the purpose of this demo the username is weed) Since this user will be making many changes to your system, it will need to have sudo privileges:

root@cloud2:~# echo "weed ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

Enable packet forwarding and disable reverse path filtering by editing the /etc/sysctl.conf file:

root@cloud2:~# echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf

root@cloud2:~# echo 'net.ipv4.conf.all.rp_filter=0' >> /etc/sysctl.conf

root@cloud2:~# echo 'net.ipv4.conf.default.rp_filter=0' >> /etc/sysctl.conf

root@cloud2:~# sysctl -p  # activate changes

net.ipv4.ip_forward = 1

net.ipv4.conf.all.rp_filter = 0

net.ipv4.conf.default.rp_filter = 0

install the vlan package by executing the following command

root@cloud2:~# sudo apt-get install vlan

make sure the 802.1q kernel module is loaded, and instruct the kernel to load it on boot

root@cloud2:~# modprobe 8021q

root@cloud2:~# echo 8021q >> /etc/modules

create a new interface on VLAN 10 Configure the ip address and subnet for the interface.

root@cloud2:~# nano /etc/network/interfaces

# The primary network interface

auto eth0

iface eth0 inet static

address 192.168.10.1

netmask 255.255.255.0

broadcast 192.168.10.255

gateway 192.168.10.252

dns-nameservers 4.2.2.2

# Vlan 10

auto eth0.10

iface eth0.10 inet static

address 172.0.10.1

netmask 255.255.255.0

vlan-raw-device eth0

reboot the system before proceeding

root@cloud2:~# reboot

DevStack Installation

you should login with the username you created above (in  this example the username is weed) grab the latest version of DevStack via https from github by

installing git, and use it to grab the latest version of DevStack

weed@cloud2:~$ sudo apt-get -y install git

weed@cloud2:~$ git clone https://github.com/openstack-dev/devstack.git

weed@cloud2:~$ cd devstack

Create local.conf as shown below. It is extremely important that the ip address assigned to the eth0 interface and the address used as the public network gateway to be different.

weed@cloud2:~/devstack$ nano local.conf

[[local|localrc]]

NETWORK_GATEWAY=192.1.0.1

PUBLIC_NETWORK_GATEWAY=192.168.10.2

FLOATING_RANGE=192.168.10.0/24

FIXED_RANGE=192.1.0.0/24

FIXED_NETWORK_SIZE=256

HOST_IP=172.0.10.1

disable_service n-net

enable_service q-lbaas

enable_service q-svc

enable_service q-agt

enable_service q-dhcp

enable_service q-meta

enable_service q-l3

enable_service neutron

Q_PLUGIN=ml2

Q_AGENT=openvswitch

Q_USE_DEBUG_COMMAND=True

Q_L3_ENABLED=True

Q_L3_ROUTER_PER_TENANT=True

ENABLE_TENANT_TUNNELS=True

TENANT_TUNNEL_RANGE=-1:1000

Q_ML2_TENANT_NETWORK_TYPE=vxlan

Q_USE_PROVIDERNET_FOR_PUBLIC=True

OVS_BRIDGE_MAPPINGS=public:br-eth0

OVS_ENABLE_TUNNELING=True

PUBLIC_BRIDGE=br-eth0

ADMIN_PASSWORD=passweed

MYSQL_PASSWORD=passweed

RABBIT_PASSWORD=passweed

SERVICE_PASSWORD=passweed

#enable_service tempest

Time to Stack!

weed@cloud2:~/devstack$ FORCE=yes ./stack.sh

################################################################################

ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN.

################################################################################

This value will be written to your localrc file so you don't have to enter it

again.  Use only alphanumeric characters.

If you leave this blank, a random default value will be used.

Enter a password now:

passweed  password specified above (press Enter) 

Horizon is now available at http://172.0.10.1/

Keystone is serving at http://172.0.10.1:5000/v2.0/

Examples on using novaclient command line is in exercise.sh

The default users are: admin and demo

The password: passweed

This is your host ip: 172.0.10.1

2015-02-17 01:08:30.445 | stack.sh completed in 4478 seconds.

weed@cloud2:~/devstack$

Modify the /etc/network/interfaces file to create the final network interfaces configuration:

weed@cloud2:~/devstack$ sudo mv /etc/network/interfaces /etc/network/interfaces.old

weed@cloud2:~/devstack$ sudo nano /etc/network/interfaces

# This file describes the network interfaces available on your system

# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo

iface lo inet loopback

# The primary network interface

auto eth0

#iface eth0 inet static

# address 192.168.10.1

# netmask 255.255.255.0

# broadcast 192.168.10.255

# gateway 192.168.10.252

# dns-nameservers 4.2.2.2

# The external bridge

auto br-eth0

allow-ovs br-eth0

iface br-eth0 inet static

ovs_type OVSBridge

ovs_ports eth0

address 192.168.10.1

netmask 255.255.255.0

gateway 192.168.10.252

dns-nameservers 4.2.2.2

pre-up ovs-vsctl --may-exist add-br br-eth0

pre-up ovs-vsctl --may-exist add-port br-eth0 eth0

pre-up ifconfig br-eth0 up

post-up ip addr add 100.16.0.2/24 dev br-eth0

post-down ovs-vsctl --if-exists del-port br-eth0 eth0

post-down ip addr delete 100.16.0.2/24 dev br-eth0

post-down ifconfig br-eth0 down

# The host VLAN 10

auto eth0.10

iface eth0.10 inet static

address 172.0.10.1

netmask 255.255.255.0

vlan-raw-device eth0

Reboot, and verify connectivity to the host and provider interfaces:

weed@cloud2:~/devstack$ sudo shutdown -ry now

weed@cloud2:~$ ping -c 1 172.0.10.1

PING 172.0.10.1 (172.0.10.1) 56(84) bytes of data.

64 bytes from 172.0.10.1: icmp_seq=1 ttl=64 time=0.136 ms

--- 172.0.10.1 ping statistics ---

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.136/0.136/0.136/0.000 ms

weed@cloud2:~$ ping -c 1 192.168.10.1

PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.

64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.142 ms

--- 192.168.10.1 ping statistics ---

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.142/0.142/0.142/0.000 ms

Restart the devstack processes:

weed@cloud2:~$ cd devstack/

weed@cloud2:~/devstack$ script /dev/null

Script started, file is /dev/null

weed@cloud2:~/devstack$ sudo -u weed sh -c 'cd /opt/stack/devstack ; ./rejoin-stack.sh'

Press <ctrl-a> d to detach from the screen session

List all IP namespaces

weed@cloud2:~$ sudo ip net
qdhcp-e2f6f1cd-e31c-4f43-a9f9-2be84646b50b
qrouter-cbde91df-9cc7-4d53-8724-d606fc9878eb

check the IP addresses of the router:

weed@cloud2:~$ sudo ip netns exec qrouter-cbde91df-9cc7-4d53-8724-d606fc9878eb ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

qg-b9716926-05 Link encap:Ethernet  HWaddr fa:16:3e:23:1b:bd
          inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe23:1bbd/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:23410 (23.4 KB)  TX bytes:1642 (1.6 KB)

qr-36be3660-8d Link encap:Ethernet  HWaddr fa:16:3e:1a:25:d4
          inet addr:192.1.0.1  Bcast:192.1.0.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe1a:25d4/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:19 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1502 (1.5 KB)  TX bytes:1432 (1.4 KB)

As you can see, this shows the 192.168.10.1 and 192.1.0.1 IP addresses assigned to the router. If everything works, then you should be able to ping your virtual router:

weed@cloud2:~$ sudo ip netns exec qrouter-cbde91df-9cc7-4d53-8724-d606fc9878eb ping 192.1.0.1
PING 192.1.0.1 (192.1.0.1) 56(84) bytes of data.
64 bytes from 192.1.0.1: icmp_seq=1 ttl=64 time=0.154 ms
64 bytes from 192.1.0.1: icmp_seq=2 ttl=64 time=0.094 ms
64 bytes from 192.1.0.1: icmp_seq=3 ttl=64 time=0.089 ms
64 bytes from 192.1.0.1: icmp_seq=4 ttl=64 time=0.099 ms
64 bytes from 192.1.0.1: icmp_seq=5 ttl=64 time=0.097 ms
64 bytes from 192.1.0.1: icmp_seq=6 ttl=64 time=0.098 ms
64 bytes from 192.1.0.1: icmp_seq=7 ttl=64 time=0.069 ms
^C
--- 192.1.0.1 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6002ms
rtt min/avg/max/mdev = 0.069/0.100/0.154/0.024 ms

verification from Horizon

Open your web browser and point it to http://192.168.10.2. User admin and  password whatever you specified during installation

Devstack Basic Operations from Horizon