openstack-manuals/doc/install-guide/source/environment-dependencies.rst

OpenStack service dependencies

OpenStack packages

Distributions release OpenStack packages as part of the distribution or using other methods because of differing release schedules. Perform these procedures on all nodes.

Note

Disable or remove any automatic update services because they can impact your OpenStack environment.

ubuntu

Enable the OpenStack repository

• Install the Ubuntu Cloud archive keyring and repository:

  # apt-get install ubuntu-cloud-keyring
  # echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu" \
    "trusty-updates/liberty main" > /etc/apt/sources.list.d/ \
    cloudarchive-liberty.list

rdo

Prerequisites

1. On RHEL and CentOS, enable the EPEL repository:

   # yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

   Note

   Fedora does not require this repository.

2. On RHEL, enable additional repositories using the subscription manager:

   # subscription-manager repos --enable=rhel-7-server-optional-rpms
   # subscription-manager repos --enable=rhel-7-server-extras-rpms

   Note

   CentOS and Fedora do not require these repositories.

rdo

Enable the OpenStack repository

• Install the rdo-release-liberty package to enable the RDO repository:

  # yum install http://rdo.fedorapeople.org/openstack-liberty/rdo-release-liberty.rpm

obs

Enable the OpenStack repository

• Enable the Open Build Service repositories based on your openSUSE or SLES version:

  On openSUSE 13.2:

  # zypper addrepo -f obs://Cloud:OpenStack:Liberty/openSUSE_13.2 Liberty

  The openSUSE distribution uses the concept of patterns to represent collections of packages. If you selected 'Minimal Server Selection (Text Mode)' during the initial installation, you may be presented with a dependency conflict when you attempt to install the OpenStack packages. To avoid this, remove the minimal_base-conflicts package:

  # zypper rm patterns-openSUSE-minimal_base-conflicts

  On SLES 12:

  # zypper addrepo -f obs://Cloud:OpenStack:Liberty/SLE_12 Liberty

  Note

  The packages are signed by GPG key 893A90DAD85F9316. You should verify the fingerprint of the imported GPG key before using it.

  Key ID: 893A90DAD85F9316
  Key Name: Cloud:OpenStack OBS Project <Cloud:OpenStack@build.opensuse.org>
  Key Fingerprint: 35B34E18ABC1076D66D5A86B893A90DAD85F9316
  Key Created: Tue Oct  8 13:34:21 2013
  Key Expires: Thu Dec 17 13:34:21 2015

debian

Enable the backports repository

The Liberty release is available directly through the official Debian backports repository. To use this repository, follow the instruction from the official Debian website, which basically suggest doing the following steps:

1. On all nodes, adding the Debian 8 (Jessie) backport repository to the source list:

   # echo "deb deb http://http.debian.net/debian jessie-backports main" \
     >>/etc/apt/sources.list

   Note

   Later you can use the following command to install a package:

   # apt-get -t jessie-backports install ``PACKAGE``

Finalize the installation

ubuntu or debian

• Upgrade the packages on your system:

  $ apt-get update && apt-get dist-upgrade

  Note

  If the upgrade process includes a new kernel, reboot your system to activate it.

rdo

1. Upgrade the packages on your system:

   # yum upgrade

   Note

   If the upgrade process includes a new kernel, reboot your system to activate it.

obs

• Upgrade the packages on your system:

  $ zypper refresh && zypper dist-upgrade

  Note

  If the upgrade process includes a new kernel, reboot your system to activate it.

rdo

2. RHEL and CentOS enable SELinux by default. Install the openstack-selinux package to automatically manage security policies for OpenStack services:

   # yum install openstack-selinux

   Note

   Fedora does not require this package.

3. Because Fedora does not provide the openstack-selinux package ensure that SELinux is disabled.

   # sestatus
   SELinux status:                 disabled

   If SELinux status is enabled disable SELinux by editing the file /etc/selinux/config and restarting the system afterwards:

   SELINUX=disabled

   Note

   CentOS and RHEL do not require this step.

SQL database

Most OpenStack services use an SQL database to store information. The database typically runs on the controller node. The procedures in this guide use MariaDB or MySQL depending on the distribution. OpenStack services also support other SQL databases including PostgreSQL.

Install and configure the database server

1. Install the packages:

   rdo or ubuntu or obs

   Note

   The Python MySQL library is compatible with MariaDB.

   ubuntu

   # apt-get install mariadb-server python-pymysql

   debian

   # apt-get install mysql-server python-pymysql

   rdo

   # yum install mariadb mariadb-server python2-PyMySQL

   obs

   # zypper install mariadb-client mariadb python-mysql

ubuntu or debian

2. Choose a suitable password for the database root account.
3. Create and edit the /etc/mysql/conf.d/mysqld_openstack.cnf file and complete the following actions:

   • In the [mysqld] section, set the bind-address key to the management IP address of the controller node to enable access by other nodes via the management network:

     [mysqld]
     ...
     bind-address = 10.0.0.11

   • In the [mysqld] section, set the following keys to enable useful options and the UTF-8 character set:

     [mysqld]
     ...
     default-storage-engine = innodb
     innodb_file_per_table
     collation-server = utf8_general_ci
     init-connect = 'SET NAMES utf8'
     character-set-server = utf8

obs or rdo

2. Create and edit the /etc/my.cnf.d/mariadb_openstack.cnf file and complete the following actions:

   • In the [mysqld] section, set the bind-address key to the management IP address of the controller node to enable access by other nodes via the management network:

     [mysqld]
     ...
     bind-address = 10.0.0.11

   • In the [mysqld] section, set the following keys to enable useful options and the UTF-8 character set:

     [mysqld]
     ...
     default-storage-engine = innodb
     innodb_file_per_table
     collation-server = utf8_general_ci
     init-connect = 'SET NAMES utf8'
     character-set-server = utf8

To finalize installation

ubuntu or debian

1. Restart the database service:

   # service mysql restart

rdo or obs

1. Start the database service and configure it to start when the system boots:

   rdo

   # systemctl enable mariadb.service
   # systemctl start mariadb.service

   obs

   # systemctl enable mysql.service
   # systemctl start mysql.service

ubuntu

2. Secure the database service:

   mariadb_output.txt

rdo or obs

2. Secure the database service including choosing a suitable password for the root account:

   mariadb_output.txt

Message queue

OpenStack uses a message queue to coordinate operations and status information among services. The message queue service typically runs on the controller node. OpenStack supports several message queue services including RabbitMQ, Qpid, and ZeroMQ. However, most distributions that package OpenStack support a particular message queue service. This guide implements the RabbitMQ message queue service because most distributions support it. If you prefer to implement a different message queue service, consult the documentation associated with it.

Install the message queue service

• Install the package:

  ubuntu or debian

  # apt-get install rabbitmq-server

  rdo

  # yum install rabbitmq-server

  obs

  # zypper install rabbitmq-server

Configure the message queue service

1. Start the message queue service and configure it to start when the system boots:

   rdo or obs

   # systemctl enable rabbitmq-server.service
   # systemctl start rabbitmq-server.service

2. Add the openstack user:

   # rabbitmqctl add_user openstack RABBIT_PASS
     Creating user "openstack" ...

   Replace RABBIT_PASS with a suitable password.

3. Permit configuration, write, and read access for the openstack user:

   # rabbitmqctl set_permissions openstack ".*" ".*" ".*"
     Setting permissions for user "openstack" in vhost "/" ...