Before you begin

Before you can install OpenStack, some work must be done to prepare the system for a successful installation.

Permissions

OpenStack services can be installed either as root or as a user with sudo permissions. The latter may require that the user be added to the sudoers file on each host. For tips on configuring sudoers, please visit the following URL:

http://wiki.centos.org/TipsAndTricks/BecomingRoot

For this installation, all commands should be run as root unless specified otherwise.

Configuring the OpenStack repository

Installation of OpenStack on CentOS uses packages from the RedHat RDO repository. To enable the RDO repository, download and install the rdo-release-havana package on all hosts:

# rpm -ivh http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-8.noarch.rpm

The EPEL package includes GPG keys to aid in signing packages and repository information and should be installed on all hosts:

# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Installing OpenStack utilities

The crudini utility is used throughout this book to make the configuration of various services easier and consistent. Crudini overwrites or adds individual configuration settings without overwriting the entire file. The following command installs crudini and another useful OpenStack configuration package, openstack-utils:

# yum -y install crudini openstack-utils

Setting the hostnames

Before installing OpenStack, be sure that each node in the environment has been configured with its proper hostname. Using a text editor, change the HOSTNAME value in the /etc/sysconfig/network file on each host:

• Controller node: HOSTNAME=controller.learningneutron.com
• Compute node: HOSTNAME=compute01.learningneutron.com

To simplify communication between hosts, it is recommended that DNS or a local name resolver be used to resolve hostnames. Using a text editor, update the /etc/hosts file on each node to include the management IP address and hostname of all nodes:

10.254.254.100 controller.learningneutron.com controller
10.254.254.101 compute01.learningneutron.com compute01

Disabling SELinux

To avoid issues with communication among services, it is advised that the SELinux security policy be disabled on all nodes for the duration of this installation and subsequent test use.

SELinux can be set to one of the following three states:

• enforcing: SELinux security policy is enforced
• permissive: SELinux prints warnings instead of enforcing
• disabled: No SELinux policy is loaded

To disable SELinux, edit the /etc/selinux/config file, and change the SELINUX value to disabled. For your convenience, the following command will make the appropriate change:

# sed -i "/SELINUX=enforcing/c\SELINUX=disabled" /etc/selinux/config

Removing iptables rules

CentOS ships with rather restrictive iptables rules by default. Edit the iptables firewall service to allow all incoming traffic with the following commands:

# iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
# iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited
# service iptables save

Tip

The rule changes are meant to reduce possible issues with this installation guide and are not meant for production use. Consult the OpenStack security guide at http://docs.openstack.org/sec/ for more information on securing an OpenStack environment.

Installing and configuring Network Time Protocol

A time synchronization program, such as NTP, is a requirement, as OpenStack services depend on consistent and synchronized time between hosts. For Nova (Compute), having synchronized time helps to avoid problems when scheduling VM launches on compute nodes. Other services can experience similar issues when the time is not synchronized.

To install NTP, issue the following commands on all nodes in the environment:

# yum -y install ntp
# service ntpd start

Unlike Ubuntu, the RHEL and CentOS operating systems do not automatically start services upon installation. To configure NTP to start at boot, use the chkconfig command as follows:

# chkconfig ntpd on

Additional services will be configured to start in a similar manner throughout this book.

Upgrading the system

Before installing OpenStack, it is imperative that the kernel and other system packages on each node be upgraded to the latest version supported by CentOS 6.5. Issue the following yum command on each node, followed by a reboot to allow the changes to take effect:

# yum -y upgrade
# reboot