OpenStack Havana on Ubuntu 12.

04 LTS
Single machine setup
The Single machine setup has all the services running. Cinder part is to be added in the future.
Install Ubuntu 12.04 with partitioning scheme as per your requirements.
Note: Run all the commands as super-user. We assume that the IP of the Single machine is 10.0.0.1.

Configure the repositories

apt-get install python-software-properties
add-apt-repository cloud-archive:havana
apt-get update
apt-get upgrade

Support packages
RaabitMQ server
apt-get install rabbitmq-server
rabbitmqctl change_password guest rabbit_pass

MySQL server
Install MySQL server and related software
apt-get install -y mysql-server python-mysqldb
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
service mysql restart

Other Support Packages

apt-get install ntp vlan bridge-utils
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sysctl net.ipv4.ip_forward=1

Keystone
Install keystone
apt-get install -y keystone

Create mysql database named keystone and add credentials

mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass';
quit;

Edit the file /etc/keystone/keystone.conf and edit the following line, so it looks like this
connection = mysql://keystoneUser:keystonePass@10.0.0.1/keystone

Restart the keystone service and sync the database

service keystone restart
keystone-manage db_sync

Export the variable to run initial keystone commands

export OS_SERVICE_TOKEN=ADMIN
export OS_SERVICE_ENDPOINT=http://10.0.0.1:35357/v2.0

Create admin user, admin tenant, admin role and service tenant. Also add admin user to admin tenant
and admin role.
keystone
keystone
keystone
keystone
keystone

tenant-create --name=admin --description="Admin Tenant"

tenant-create --name=service --description="Service Tenant"
user-create --name=admin --pass=ADMIN --email=admin@example.com
role-create --name=admin
user-role-add --user=admin --tenant=admin --role=admin

Create keystone service

keystone service-create --name=keystone --type=identity --description="Keystone
Identity Service"

Create keystone endpoint

keystone endpoint-create --service keystone --publicurl=http://10.0.0.1:5000/v2.0
--internalurl=http://10.0.0.1:5000/v2.0 --adminurl=http://10.0.0.1:35357/v2.0

Check the keystone connection and credentials

unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
keystone --os-username=admin --os-password=ADMIN --os-authurl=http://10.0.0.1:35357/v2.0 token-get

Create a file named creds and add the following lines

export
export
export
export

OS_USERNAME=admin
OS_PASSWORD=ADMIN
OS_TENANT_NAME=admin
OS_AUTH_URL=http://10.0.0.1:35357/v2.0

Source the file

source creds

Test the creds file

keystone token-get
keystone user-list

Glance (Image Store)

Install Glance
apt-get install -y glance

Create database and credentials for Glance

mysql -u root -p
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass';
quit;

Create glance related keystone entries

keystone user-create --name=glance --pass=glance_pass --email=glance@example.com
keystone user-role-add --user=glance --tenant=service --role=admin
keystone service-create --name=glance --type=image --description="Glance Image
Service"
keystone endpoint-create --service glance --publicurl=http://10.0.0.1:9292
--internalurl=http://10.0.0.1:9292 --adminurl=http://10.0.0.1:9292

Edit /etc/glance/glance-api.conf and edit the following lines

[DEFAULT]
sql_connection = mysql://glanceUser:glancePass@10.0.0.1/glance
rabbit_host = 10.0.0.1
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = rabbit_pass
[keystone_authtoken]
auth_host = 10.0.0.1
auth_port = 5000
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass
[paste_deploy]
flavor = keystone

Edit /etc/glance/glance-registry.conf and edit the following lines

sql_connection = mysql://glanceUser:glancePass@10.0.0.1/glance
[keystone_authtoken]
auth_host = 10.0.0.1
auth_port = 5000

auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = glance_pass
[paste_deploy]
flavor = keystone

Restart Glance services

service glance-api restart
service glance-registry restart

Sync the database

glance-manage db_sync

Download a pre-bundled image for testing

glance image-create --name Cirros --is-public true --container-format bare --diskformat qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros0.3.0-x86_64-disk.img
glance index

Nova(Compute)
Install the Nova services
apt-get install nova-compute nova-novncproxy novnc nova-api nova-ajax-console-proxy
nova-cert nova-conductor nova-consoleauth nova-doc nova-scheduler nova-volume
python-novaclient

Create database and credentials for Nova

mysql -u root -p
CREATE DATABASE nova;
GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass';
quit

Create Keystone entries for Nova

keystone user-create --name=nova --pass=nova_pass --email=nova@domain.com
keystone user-role-add --tenant=service --user=nova --role=admin
keystone service-create --name nova --type compute --description 'OpenStack Compute
Service'
keystone endpoint-create --service nova --publicurl 'http://10.0.0.1:8774/v2/$
(tenant_id)s' --adminurl 'http://10.0.0.1:8774/v2/$(tenant_id)s' --internalurl
'http://10.0.0.1/v2/$(tenant_id)s'

Open /etc/nova/nova.conf and edit the file as follows

[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova

force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata
rpc_backend = nova.rpc.impl_kombu
rabbit_host = 10.0.0.1
rabbit_password = rabbit_pass
my_ip=10.0.0.1
vncserver_listen=10.0.0.1
novncproxy_base_url=http://10.0.0.1:6080/vnc_auto.html
vncserver_proxyclient_address=10.0.0.1
auth_strategy=keystone
network_api_class=nova.network.neutronv2.api.API
neutron_url=http://10.0.0.1:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=neutron_pass
neutron_admin_auth_url=http://10.0.0.1:35357/v2.0
firewall_driver=nova.virt.firewall.NoopFirewallDriver
security_group_api=neutron
[database]
connection = mysql://novaUser:novaPass@10.0.0.1/nova
[keystone_authtoken]
auth_host = 10.0.0.1
auth_port = 5000
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = nova_pass

Edit /etc/nova/api-paste.ini as follows

[filter:authtoken]
auth_host = 127.0.0.1
auth_port = 5000
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = nova_pass
auth_version = v2.0

Sync the nova database

nova-manage db sync

Restart all nova services

cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; cd ;done

Test the Nova installation using the following command

nova-manage service list

The output should be something like this

Binary
Updated_At
nova-cert
03-11 10:07:30
nova-consoleauth
03-11 10:07:30
nova-conductor
03-11 10:07:27
nova-scheduler
03-11 10:07:30
nova-compute
03-11 10:07:28
nova-console
03-11 10:07:27

Host

Zone

Status

State

openstack

internal

enabled

:-)

2014-

openstack

internal

enabled

:-)

2014-

openstack

internal

enabled

:-)

2014-

openstack

internal

enabled

:-)

2014-

openstack

nova

enabled

:-)

2014-

openstack

internal

enabled

:-)

2014-

Also run the following command to check if nova is able to authenticate with keystone server
nova list

Neutron(Networking service)
Install the Neutron services
apt-get install neutron-server neutron-dhcp-agent neutron-plugin-openvswitch-agent
openvswitch-switch neutron-l3-agent

Edit the file /etc/sysctl.conf and make the following changes

net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

Save the file and run the following command to make sure the changes take effect immediately
sysctl -p

Create database and credentials for Neutron

mysql -u root -p
CREATE DATABASE neutron;
GRANT ALL ON neutron.* TO 'neutronUser'@'%' IDENTIFIED BY 'neutronPass';
quit;

Create Keystone entries for Neutron

keystone user-create --name=neutron --pass=neutron_pass --email=neutron@example.com
keystone user-role-add --user=neutron --tenant=service --role=admin
keystone service-create --name neutron --type network --description 'OpenStack
Networking service'
keystone endpoint-create --service neutron --publicurl 'http://10.0.0.1:9696/'
--adminurl 'http://10.0.0.1:9696/' --internalurl 'http://10.0.0.1:9696/'

Edit /etc/neutron/neutron.conf
[default]
rpc_backend = neutron.openstack.common.rpc.impl_kombu
rabbit_host = 10.0.0.1
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = rabbit_pass
[keystone_authtoken]
auth_host = 10.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = neutron_pass
signing_dir = $state_path/keystone-signing
[database]
connection = mysql://neutronUser:neutronPass@10.0.0.1/neutron

Open the /etc/neutron/api-paste.ini file and edit it as follows

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 10.0.0.1
admin_tenant_name = service
admin_user = neutron
admin_password = neutron_pass

Create bridges
ovs-vsctl
ovs-vsctl
ovs-vsctl
# x=1,2,3

add-br br-int
add-br br-eth1
add-port br-eth1 ethx
etc as per the ethernet interface

Open /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini and make the following changes

[OVS]
tenant_network_type = vlan
network_vlan_ranges = default:2000:3999
integration_bridge = br-int
bridge_mappings = default:br-eth1
[securitygroup]
firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Edit /etc/neutron/metadata_agent.ini to look like this

[DEFAULT]
auth_url = http://localhost:5000/v2.0
auth_region = RegionOne
admin_tenant_name = service
admin_user = neutron
admin_password = neutron_pass
metadata_proxy_shared_secret = metadata_pass

Edit /etc/neutron/dhcp_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True

Edit /etc/neutron/l3_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
service
service
service
service
service

neutron-server restart
neutron-plugin-openvswitch-agent restart
neutron-metadata-agent restart
neutron-dhcp-agent restart
neutron-l3-agent restart

Check if the services are running using the following command

neutron agent-list

The output should be like

+--------------------------------------+--------------------+-----------+------+----------------+
| id
| agent_type
| host
| alive |
admin_state_up |
+--------------------------------------+--------------------+-----------+------+----------------+
| 21b570c8-b822-47de-8d21-30fc08e26e05 | L3 agent
| openstack | :-)
|
True
|
| 37f64d91-9e8a-43ff-914b-56c9ab9a3e41 | DHCP agent
| openstack | :-)
|
True
|
| 70e6b9f4-740a-4961-93ff-26a3b3c50397 | Open vSwitch agent | openstack | :-)
|
True
|
+--------------------------------------+--------------------+-----------+------+----------------+

Horizon (OpenStack Dashboard)

apt-get install openstack-dashboard

After installing login using the following credentials

URL
: http://10.0.0.1/horizon
Username: admin
Password: ADMIN