This post shows only commands and file modifications without explanation. It is based on http://docs.openstack.org/liberty/install-guide-rdo/
To keep it simple I used the same password for most of services: AdminPass123!
Install OS CentOS 7.1 x64 minimal on 3 servers. Enable visualization in BIOS on server compute1. File should exists /dev/kvm:
[root@compute1 ~]# ls -l /dev/kvm
crw-rw-rw- 1 root kvm 10, 232 Feb 10 16:33 /dev/kvm
Configure network interfaces as on picture above.
1. Configure controller
Generate ssh private key and upload public key to compute1 and block1:
ssh-keygen
ssh-copy-id 10.4.4.2
ssh-copy-id 10.4.4.3
Update /etc/hosts
cat << 'EOF' > /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.4.4.1 controller
10.4.4.2 compute1
10.4.4.3 block1
EOF
Copy to all servers:
scp /etc/hosts 10.4.4.2:/etc/
scp /etc/hosts 10.4.4.3:/etc/
Disable SELINUX and Firewall
systemctl disable firewalld
systemctl stop firewalld
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
RPMs
Install all OpenStack related packages:
yum -y install epel-release
yum -y install chrony
yum -y install centos-release-openstack-liberty
yum -y install python-openstackclient
yum -y install mariadb mariadb-server MySQL-python
yum -y install mongodb-server mongodb
yum -y install rabbitmq-server
yum -y install openstack-keystone httpd mod_wsgi memcached python-memcached
yum -y install openstack-glance python-glance python-glanceclient
yum -y install openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler python-novaclient
yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclient ebtables ipset
yum -y install openstack-dashboard
yum -y install openstack-cinder python-cinderclient
create source file /root/admin-openrc.sh
cat << 'EOF' > admin-openrc.sh
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=AdminPass123!
export OS_TOKEN=c4ebc7b8cd7a4f5730be
export OS_URL=http://controller:35357/v3
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
Configuration files (manual edit)
/etc/httpd/conf/httpd.conf
. . .
ServerName controller
. . .
/etc/openstack-dashboard/local_settings
. . .
ALLOWED_HOSTS = ['*', ]
. . .
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '127.0.0.1:11211',
}
}
. . .
OPENSTACK_HOST = "controller"
. . .
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': False,
'enable_quotas': False,
'enable_ipv6': True,
'enable_distributed_router': False,
'enable_ha_router': False,
'enable_lb': True,
'enable_firewall': False,
'enable_vpn': False,
'enable_fip_topology_check': False,
'default_ipv4_subnet_pool_label': None,
'default_ipv6_subnet_pool_label': None,
'profile_support': None,
'supported_provider_types': ['*'],
'supported_vnic_types': ['*']
}
. . .
Configuration files (full copy)
/etc/chrony.conf
# cat << 'EOF' > /etc/chrony.conf
server 10.0.0.1 iburst
allow 10.0.0.0/8
EOF
/etc/my.cnf.d/mariadb_openstack.cnf
# cat << 'EOF' > /etc/my.cnf.d/mariadb_openstack.cnf
[mysqld]
bind-address = 10.4.4.1
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
EOF
/etc/mongod.conf
# cat << 'EOF' > /etc/mongod.conf
bind_ip = 10.4.4.1
fork = true
pidfilepath = /var/run/mongodb/mongod.pid
logpath = /var/log/mongodb/mongod.log
unixSocketPrefix = /var/run/mongodb
dbpath = /var/lib/mongodb
smallfiles = true
EOF
/etc/keystone/keystone.conf
# cat << 'EOF' > /etc/keystone/keystone.conf
[DEFAULT]
admin_token = c4ebc7b8cd7a4f5730be
verbose = true
[database]
connection = mysql://keystone:KEYSTONE_DBPASS@localhost/keystone
[memcache]
servers = localhost:11211
[revoke]
driver = sql
[token]
provider = uuid
driver = memcache
EOF
/etc/httpd/conf.d/wsgi-keystone.conf
# cat << 'EOF' > /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
EOF
/etc/glance/glance-api.conf
# cat << 'EOF' > /etc/glance/glance-api.conf
[DEFAULT]
notification_driver = noop
verbose = True
[database]
connection = mysql://glance:GLANCE_DBPASS@localhost/glance
[glance_store]
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = AdminPass123!
[paste_deploy]
flavor = keystone
EOF
/etc/glance/glance-registry.conf
# cat << 'EOF' > /etc/glance/glance-registry.conf
[DEFAULT]
notification_driver = noop
verbose = True
[database]
connection = mysql://glance:GLANCE_DBPASS@localhost/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = AdminPass123!
[paste_deploy]
flavor = keystone
EOF
/etc/nova/nova.conf
# cat << 'EOF' > /etc/nova/nova.conf
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.4.4.1
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata
verbose = True
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
[cinder]
os_region_name = RegionOne
[database]
connection = mysql://nova:NOVA_DBPASS@localhost/nova
[glance]
host = controller
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = AdminPass123!
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = AdminPass123!
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
EOF
/etc/neutron/neutron.conf
# cat << 'EOF' > /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins =
rpc_backend = rabbit
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controller:8774/v2
verbose = True
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = AdminPass123!
[database]
connection = mysql://neutron:NEUTRON_DBPASS@localhost/neutron
[nova]
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = AdminPass123!
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
EOF
/etc/cinder/cinder.conf
# cat << 'EOF' > /etc/cinder/cinder.conf
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.4.4.1
verbose = True
[database]
connection = mysql://cinder:CINDER_DBPASS@localhost/cinder
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = AdminPass123!
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
EOF
/etc/neutron/plugins/ml2/ml2_conf.ini
# cat << 'EOF' > /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
flat_networks = public
enable_ipset = True
EOF
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
# cat << 'EOF' > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = public:enp6s0
[vxlan]
enable_vxlan = False
[agent]
prevent_arp_spoofing = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF
/etc/neutron/dhcp_agent.ini
# cat << 'EOF' > /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
verbose = True
EOF
/etc/neutron/metadata_agent.ini
# cat << 'EOF' > /etc/neutron/metadata_agent.ini
[DEFAULT]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_region = RegionOne
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = AdminPass123!
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET
verbose = True
auth_url = http://localhost:5000/v2.0
auth_region = RegionOne
admin_tenant_name = %SERVICE_TENANT_NAME%
admin_user = %SERVICE_USER%
admin_password = %SERVICE_PASSWORD%
EOF
Enable services
systemctl enable chronyd.service
systemctl enable mariadb.service
systemctl enable mongod.service
systemctl enable rabbitmq-server.service
systemctl enable memcached.service
systemctl enable httpd.service
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl enable openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable httpd.service memcached.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start mariadb
mysql -u root
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
quit
systemctl start rabbitmq-server.service
rabbitmqctl add_user openstack RABBIT_PASS
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Reboot
reboot
OpenStack commands:
source admin-openrc.sh
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "keystone-manage db_sync" keystone
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
su -s /bin/sh -c "cinder-manage db sync" cinder
su -s /bin/sh -c "glance-manage db_sync" glance
su -s /bin/sh -c "nova-manage db sync" nova
openstack service create --name keystone --description "OpenStack Identity" identity
openstack service create --name glance --description "OpenStack Image service" image
openstack service create --name nova --description "OpenStack Compute" compute
openstack service create --name neutron --description "OpenStack Networking" network
openstack service create --name cinder --description "OpenStack Block Storage" volume
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
openstack endpoint create --region RegionOne compute public http://controller:8774/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
openstack project create --domain default --description "Admin Project" admin
openstack project create --domain default --description "Service Project" service
openstack project create --domain default --description "Demo Project" demo
# Set password below: AdminPass123!
openstack user create --domain default --password-prompt admin
openstack user create --domain default --password-prompt demo
openstack user create --domain default --password-prompt glance
openstack user create --domain default --password-prompt nova
openstack user create --domain default --password-prompt neutron
openstack user create --domain default --password-prompt cinder
openstack role create admin
openstack role create user
openstack role add --project admin --user admin admin
openstack role add --project demo --user demo user
openstack role add --project service --user glance admin
openstack role add --project service --user nova admin
openstack role add --project service --user neutron admin
openstack role add --project service --user cinder admin
openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue
nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey
systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default tcp 3389 3389 0.0.0.0/0
neutron net-create public --shared --provider:physical_network public --provider:network_type flat
neutron subnet-create public 192.168.0.0/23 --name public2 --allocation-pool start=192.168.0.93,end=192.168.0.99 --dns-nameserver 8.8.4.4 --gateway 192.168.0.1
Reboot
reboot
2. Configure compute1
Disable SELINUX and Firewall
systemctl disable firewalld
systemctl stop firewalld
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
Install RPMs
yum -y install chrony
yum -y install epel-release
yum -y install centos-release-openstack-liberty
yum -y install python-openstackclient
yum -y install openstack-nova-compute sysfsutils
yum -y install openstack-neutron openstack-neutron-linuxbridge ebtables ipset
Chrony
# cat << 'EOF' > /etc/chrony.conf
server controller iburst
EOF
/etc/nova/nova.conf
# cat << 'EOF' > /etc/nova/nova.conf
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.4.4.2
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
verbose = True
block_device_allocate_retries = 300
block_device_allocate_retries_interval = 10
block_device_creation_timeout = 300
[glance]
host = controller
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = AdminPass123!
[libvirt]
virt_type=kvm
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = AdminPass123!
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
EOF
/etc/neutron/neutron.conf
# cat << 'EOF' > /etc/neutron/neutron.conf
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
verbose = True
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = AdminPass123!
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
EOF
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
# cat << 'EOF' > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = public:enp6s0
[vxlan]
enable_vxlan = False
[agent]
prevent_arp_spoofing = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF
Enable and start services
systemctl enable chronyd.service
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
Reboot
reboot
3. Configure block1
Disable SELINUX and Firewall
systemctl disable firewalld
systemctl stop firewalld
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
Install RPMs
yum -y install chrony
yum -y install epel-release
yum -y install centos-release-openstack-liberty
yum -y install python-openstackclient
yum -y install openstack-cinder targetcli python-oslo-policy
yum -y install lvm2
systemctl enable lvm2-lvmetad.service
systemctl start lvm2-lvmetad.service
Chrony
# cat << 'EOF' > /etc/chrony.conf
server controller iburst
EOF
LVM
pvcreate /dev/sdb1
vgcreate cinder-volumes /dev/sdb1
/etc/cinder/cinder.conf
# cat << 'EOF' > /etc/cinder/cinder.conf
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.4.4.3
enabled_backends = lvm
glance_host = controller
verbose = True
[database]
connection = mysql://cinder:CINDER_DBPASS@controller/cinder
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = AdminPass123!
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm
EOF
Enable and start services
systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service
Reboot
reboot
Now you can open web page: http://controller/dashboard/ to upload images and create new instances.