devstack

1 快速安装

1 系统硬件

系统版本：Ubuntu 14.04 (Trusty)，安装版本的minimal version

stack@ubuntu:~$cat /etc/issue
Ubuntu 14.04.2 LTS \n \l

查看硬件是否支持虚拟化

命令：grep --color vmx /proc/cpuinfo    #Intel (Intel-VT)
命令：grep --color svm /proc/cpuinfo    #AMD (AMD-V)

localadmin@testopenstack:~/devstack$ grep --color vmx /proc/cpuinfo
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge 
nopl xtopology nonstop_tsc aperfmperf pni ds_cpl vmx smx 

服务器个数

单结点服务器，双网卡

2 下载devstack

下载：git clone https://git.openstack.org/openstack-dev/devstack

stack@ubuntu:~$ git clone  https://git.openstack.org/openstack-dev/devstack
The program 'git' is currently not installed. You can install it by typing:
sudo apt-get install git
stack@ubuntu:~$ sudo apt-get install git
[sudo] password for stack:
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package git

无法找到git时，使用命令sudo apt-get update更新

stack@ubuntu:~$ sudo apt-get update

3 配置local.conf

stack@ubuntu:~$ cd devstack/
stack@ubuntu:~/devstack$ cp samples/local.conf .
stack@ubuntu:~/devstack$ cat local.conf
# Sample ``local.conf`` for user-configurable variables in ``stack.sh``

# NOTE: Copy this file to the root ``devstack`` directory for it to
# work properly.

# ``local.conf`` is a user-maintained settings file that is sourced from ``stackrc``.
# This gives it the ability to override any variables set in ``stackrc``.
# Also, most of the settings in ``stack.sh`` are written to only be set if no
# value has already been set; this lets ``local.conf`` effectively override the
# default values.

# This is a collection of some of the settings we have found to be useful
# in our DevStack development environments. Additional settings are described
# in http://devstack.org/local.conf.html
# These should be considered as samples and are unsupported DevStack code.

# The ``localrc`` section replaces the old ``localrc`` configuration file.
# Note that if ``localrc`` is present it will be used in favor of this section.
[[local|localrc]]

# Minimal Contents
# ----------------
FLOATING_RANGE=192.168.1.224/27
FIXED_RANGE=10.11.12.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=eth0

# While ``stack.sh`` is happy to run without ``localrc``, devlife is better when
# there are a few minimal variables set:

# If the ``SERVICE_TOKEN`` and ``*_PASSWORD`` variables are not set
# here you will be prompted to enter values for them by ``stack.sh``
# and they will be added to ``local.conf``.
SERVICE_TOKEN=azertytokenzhf
ADMIN_PASSWORD=123456
MYSQL_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD

# ``HOST_IP`` should be set manually for best results if the NIC configuration
# of the host is unusual, i.e. ``eth1`` has the default route but ``eth0`` is the
# public interface.  It is auto-detected in ``stack.sh`` but often is indeterminate
# on later runs due to the IP moving from an Ethernet interface to a bridge on
# the host. Setting it here also makes it available for ``openrc`` to include
# when setting ``OS_AUTH_URL``.
# ``HOST_IP`` is not set by default.
#HOST_IP=w.x.y.z


# Logging
# -------

# By default ``stack.sh`` output only goes to the terminal where it runs.  It can
# be configured to additionally log to a file by setting ``LOGFILE`` to the full
# path of the destination log file.  A timestamp will be appended to the given name.
LOGFILE=$DEST/logs/stack.sh.log

# Old log files are automatically removed after 7 days to keep things neat.  Change
# the number of days by setting ``LOGDAYS``.
LOGDAYS=2

# Nova logs will be colorized if ``SYSLOG`` is not set; turn this off by setting
# ``LOG_COLOR`` false.
#LOG_COLOR=False


# Using milestone-proposed branches
# ---------------------------------

# Uncomment these to grab the milestone-proposed branches from the repos:
#CINDER_BRANCH=milestone-proposed
#GLANCE_BRANCH=milestone-proposed
#HORIZON_BRANCH=milestone-proposed
#KEYSTONE_BRANCH=milestone-proposed
#KEYSTONECLIENT_BRANCH=milestone-proposed
#NOVA_BRANCH=milestone-proposed
#NOVACLIENT_BRANCH=milestone-proposed
#NEUTRON_BRANCH=milestone-proposed
#SWIFT_BRANCH=milestone-proposed


# Swift
# -----

# Swift is now used as the back-end for the S3-like object store. If Nova's
# objectstore (``n-obj`` in ``ENABLED_SERVICES``) is enabled, it will NOT
# run if Swift is enabled. Setting the hash value is required and you will
# be prompted for it if Swift is enabled so just set it to something already:
#SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5

# For development purposes the default of 3 replicas is usually not required.
# Set this to 1 to save some resources:
#SWIFT_REPLICAS=1

# The data for Swift is stored by default in (``$DEST/data/swift``),
# or (``$DATA_DIR/swift``) if ``DATA_DIR`` has been set, and can be
# moved by setting ``SWIFT_DATA_DIR``. The directory will be created
# if it does not exist.
#SWIFT_DATA_DIR=$DEST/data

# Tempest
# -------

# Install the tempest test suite
#enable_service tempest

4 安装：./stack.sh

localadmin@ubuntu:~/devstack$ ./stack.sh
...
Horizon is now available at http://192.168.100.128/
Keystone is serving at http://192.168.100.128:5000/v2.0/
Examples on using novaclient command line is in exercise.sh
The default users are: admin and demo
The password: 123456
This is your host ip: 192.168.100.128
localadmin@ubuntu:~/devstack$ source openrc admin demo
localadmin@ubuntu:~/devstack$ nova list
+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+
localadmin@ubuntu:~/devstack$ nova image-list
+--------------------------------------+---------------------------------+--------+--------+
| ID                                   | Name                            | Status | Server |
+--------------------------------------+---------------------------------+--------+--------+
| a49458fd-96b0-48a5-b939-4efd7c105532 | Fedora-x86_64-20-20140618-sda   | ACTIVE |        |
| 550e397e-afae-4281-8439-c7ad2fcae173 | cirros-0.3.2-x86_64-uec         | ACTIVE |        |
| c7dd445a-439a-4432-8725-41b1914db8d0 | cirros-0.3.2-x86_64-uec-kernel  | ACTIVE |        |
| 4786e267-2648-4616-966b-ab385094bc26 | cirros-0.3.2-x86_64-uec-ramdisk | ACTIVE |        |
+--------------------------------------+---------------------------------+--------+--------+
localadmin@ubuntu:~/devstack$ nova net-list
+--------------------------------------+---------+---------------+
| ID                                   | Label   | CIDR          |
+--------------------------------------+---------+---------------+
| d638872f-ac21-4e6d-807e-59d2ffb6dbd3 | private | 10.11.12.0/24 |
+--------------------------------------+---------+---------------+
localadmin@ubuntu:~/devstack$ nova host-list
+-----------+-------------+----------+
| host_name | service     | zone     |
+-----------+-------------+----------+
| ubuntu    | conductor   | internal |
| ubuntu    | cert        | internal |
| ubuntu    | network     | internal |
| ubuntu    | scheduler   | internal |
| ubuntu    | consoleauth | internal |
| ubuntu    | compute     | nova     |
+-----------+-------------+----------+

使用默认用户demo：

localadmin@ubuntu:~/devstack$ source openrc
localadmin@ubuntu:~/devstack$ source openrc demo demo

使用默认用户admin：

localadmin@ubuntu:~/devstack$ source openrc admin admin

5 重启后执行stack.sh脚本重新部署OpenStack环境

由于采用源码安装，没有开机启动脚本，所以需要手工启动相关的服务，最简单的方式，就是再运行stack.sh脚本.
缺点就是所有的设置，数据都清空。在local.conf配置文件中设置OFFLINE(stackrc文件中)以使stack.sh运行时不联网：
OFFLINE = true

6 重新安装

安装失败后，调用unstack.sh和clean.sh清理相关服务。

要重新安装时，在local.conf配置文件中设置RECLONE(functions-common中)，以更新每个repo:

RECLONE=yes    #A clean install every time

2 与openstack服务交互

devstack使用screen来运行各个服务，默认screen名是stack，在stackrc文件中配置：

# Whether to use 'dev mode' for screen windows. Dev mode works by
# stuffing text into the screen windows so that a developer can use
# ctrl-c, up-arrow, enter to restart the service. Starting services
# this way is slightly unreliable, and a bit slower, so this can
# be disabled for automated testing by setting this value to False.
USE_SCREEN=True
SCREEN_NAME=${SCREEN_NAME:-stack}

screen中的openstack服务运行在单一模式(standalone mode)

访问：

localadmin@ubuntu:~/devstack$ screen -x stack

rejoin:

localadmin@ubuntu:~/devstack$ ./rejoin-stack.sh

重启screen中的各服务

    1 用ctrl + a + "选择相应的服务，并进入;

    2 用ctrl + c取消选中的服务，再重新运行。

销毁screen: $ ./unstack.sh

3 Neutron网络

https://wiki.openstack.org/wiki/NeutronDevstack
单结点，在local.conf中配置如下:

[[local|localrc]]
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
# Optional, to enable tempest configuration as part of devstack
enable_service tempest

多结点：

controller node中的localrc:

disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
enable_service neutron

compute nodes中的localrc:

ENABLED_SERVICES=n-cpu,rabbit,neutron,q-agt
SERVICE_HOST=[IP of controller node]
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
Q_HOST=$SERVICE_HOST

4 Best Localrc

# Misc
DATABASE_PASSWORD=password
ADMIN_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=password
RABBIT_PASSWORD=password

# Reclone each time
RECLONE=yes

## For Keystone
KEYSTONE_TOKEN_FORMAT=PKI

## For Swift
SWIFT_REPLICAS=1
SWIFT_HASH=011688b44136573e209e

## For Ceph
ENABLED_SERVICES+=,ceph
CEPH_LOOPBACK_DISK_SIZE=10G
CEPH_CONF=/etc/ceph/ceph.conf
CEPH_REPLICAS=1
GLANCE_CEPH_USER=glancy
GLANCE_CEPH_POOL=imajeez
CINDER_DRIVER=ceph
CINDER_CEPH_USER=cindy
CINDER_CEPH_POOL=volumeuh
CINDER_CEPH_UUID=6d52eb95-12f3-47e3-9eb9-0c1fe4142426
CINDER_BAK_CEPH_POOL=backeups
CINDER_BAK_CEPH_USER=cind-backeups
CINDER_ENABLED_BACKENDS=ceph,lvm
NOVA_CEPH_POOL=vmz

# Enable Logging
LOGFILE=/opt/stack/logs/stack.sh.log
VERBOSE=True
LOG_COLOR=True
SCREEN_LOGDIR=/opt/stack/logs

# Pre-requisite
ENABLED_SERVICES=rabbit,mysql,key

## If you want ZeroMQ instead of RabbitMQ (don't forget to un-declare 'rabbit' from the pre-requesite)
ENABLED_SERVICES+=,-rabbit,-qpid,zeromq

## If you want Qpid instead of RabbitMQ (don't forget to un-declare 'rabbit' from the pre-requesite)
ENABLED_SERVICES+=,-rabbit,-zeromq,qpid

# Horizon (Dashboard UI) - (always use the trunk)
ENABLED_SERVICES+=,horizon
HORIZON_REPO=https://github.com/openstack/horizon
HORIZON_BRANCH=master

# Nova - Compute Service
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch
IMAGE_URLS+=",https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img"

# Nova Network - If you don't want to use Neutron and need a simple network setup (old good stuff!)
ENABLED_SERVICES+=,n-net

## Nova Cells
ENABLED_SERVICES+=,n-cell

# Glance - Image Service
ENABLED_SERVICES+=,g-api,g-reg

# Swift - Object Storage
ENABLED_SERVICES+=,s-proxy,s-object,s-container,s-account

# Neutron - Networking Service
# If Neutron is not declared the old good nova-network will be used
ENABLED_SERVICES+=,q-svc,q-agt,q-dhcp,q-l3,q-meta,neutron

## Neutron - Load Balancing
ENABLED_SERVICES+=,q-lbaas

## Neutron - VPN as a Service
ENABLED_SERVICES+=,q-

## Neutron - Firewall as a Service
ENABLED_SERVICES+=,q-fwaas

# VLAN configuration
Q_PLUGIN=ml2
ENABLE_TENANT_VLANS=True

# GRE tunnel configuration
Q_PLUGIN=ml2
ENABLE_TENANT_TUNNELS=True

# VXLAN tunnel configuration
Q_PLUGIN=ml2
Q_ML2_TENANT_NETWORK_TYPE=vxlan   

# Cinder - Block Device Service
ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch,c-bak

# Heat - Orchestration Service
ENABLED_SERVICES+=,heat,h-api,h-api-cfn,h-api-cw,h-eng
IMAGE_URLS+=",http://fedorapeople.org/groups/heat/prebuilt-jeos-images/F17-x86_64-cfntools.qcow2"

# Ceilometer - Metering Service (metering + alarming)
ENABLED_SERVICES+=,ceilometer-acompute,ceilometer-acentral,ceilometer-collector,ceilometer-api
ENABLED_SERVICES+=,ceilometer-alarm-notify,ceilometer-alarm-eval

# Apache fronted for WSGI
APACHE_ENABLED_SERVICES+=keystone,swift

5 devstack结构

5.1 local.conf

local.conf不随devstack发布，devstack更新时不会被覆盖。
local.conf改进的INI格式的用户维护的配置文件，在stackrc文件中被source

1 格式

节头：[[ | ]]
    1 is one of a set of phase names defined by stack.sh

stack@ubuntu:~/devstack$ cat stack.sh | grep "# Phase"
# Phase: local
# Phase: source
# Phase: pre-install
# Phase: install
# Phase: post-config
# Phase: post-config
# Phase: extra
# Phase: extra
# Phase: post-extra

?local - extracts localrc from local.conf before stackrc is sourced
?pre-install - runs after the system packages are installed but before any of the source repositories are installed
?install - runs immediately after the repo installations are complete
?post-config - runs after the layer 2 services are configured and before they are started
?extra - runs after services are started and before any files in extra.d are executed

     2 is the configuration filename
在stack.sh上下文中，shell命令eval执行配置文件名，因此所有的环境变量可用。
文件按顺序处理。文件路径不存在时，忽略此配置文件。
强烈建议使用工程配置文件名，如:NOVA_CONF

[[post-config|$NOVA_CONF]]
[DEFAULT]
use_syslog = True

[osapi_v3]
enabled = False

#Q_PLUGIN_CONF_FILE NOT start with a / (slash) character. 
#A slash will need to be added
[[post-config|/$Q_PLUGIN_CONF_FILE]]
[agent]
tunnel_type=vxlan
vxlan_udp_port=8472

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
tenant_network_type=vxlan

meta-section：[[local|localrc]]，
其中的localrc配置文件如果存在，优先使用; 如果不存在，会生成.localrc.auto配置文件。

在初次运行stack.sh时，文件stackrc中调用get_default_host_ip函数来检测HOST_IP的值，
但是在IP从网口移动到网桥时，HOST_IP的值不确定，所以应该手工设置一下HOST_IP，以设置
openrc文件中的KEYSTONE_AUTH_HOST变量。
HOST_IP=192.168.128.50

openstack中的客户VMs有两种IP地址类型：
1 fixed IPs：在vms启动时，分配给instances。实例终止时，分配的IP回收。
2 floating IPs：用户来决定与哪个instance关联,用来为私有云中的实例提供公共IP，以便外部访问。
两种类型的IP地地址都可以是公用的或专用的IP.
不设floating IPs，只设fixed IPs时可以运行openstack.
FLOATING_RANGE设置成不使用的local network的一部分，以从本地访问instance。For example, if the IPs given out on your network by DHCP are 192.168.1.X - where X is between 100 and 200 you will be able to use IPs 201-254 for floating ips.
FIXED_RANGE设置instances使用的内部地址空间。
FLAT_INTERFACE连接主机和本地网的网口。两种使用情况：
    1 单结点时，设置FLAT_INTERFACE，以阻止nova桥接任何网口到FLAT_NETWORK_BRIDGE
    2 多结点主机且使用FlatDHCP网络时。要保证此网口没有IP。

FLOATING_RANGE=192.168.1.224/27  
FIXED_RANGE=10.11.12.0/24  
FIXED_NETWORK_SIZE=256  
FLAT_INTERFACE=eth0  

FIXED_RANGE和FLOATING_RANGE网络范围不能与主机上已使用的网络重叠。
RFC-1918 ‘private’ ranges经常被用于the local networking和Nova’s fixed and floating ranges。
RFC-1918:Internet Assigned Numbers Authority (IANA)保留的专用网IP地址空间块：

24-bit block:     10.0.0.0        -   10.255.255.255  (10/8 prefix)
20-bit block:     172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
16-bit block:     192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

如果不设置FIXED_RANGE，FLOATING_RANGE和HOST_IP，stackrc会设置默认值：

FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.0/24}
FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
HOST_IP_IFACE=${HOST_IP_IFACE:-}
HOST_IP=${HOST_IP:-}

HOST_IP=$(get_default_host_ip $FIXED_RANGE $FLOATING_RANGE "$HOST_IP_IFACE" "$HOST_IP")

参考：http://docs.openstack.org/developer/devstack/configuration.html

5.2 stackrc

stackrc包含locations for the OpenStack repositories, branches to configure和其它默认配置.
stackrc sources the ``localrc`` section of ``local.conf``，以覆盖环境变量设置。
1 ENABLED_SERVICES:指定启动的服务，一个服务对应screen的一个tab。
默认启动的服务：

# Keystone - nothing works without keystone
ENABLED_SERVICES=key
# Nova - services to support libvirt based openstack clouds
ENABLED_SERVICES+=,n-api,n-cpu,n-net,n-cond,n-sch,n-novnc
# Glance services needed for Nova
ENABLED_SERVICES+=,g-api,g-reg
# Cinder
ENABLED_SERVICES+=,c-sch,c-api,c-vol
# Dashboard
ENABLED_SERVICES+=,horizon
# Additional services
ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat

在local.conf文件中，使用``enable_service``和``disable_service``函数来启停相关服务。

2 Service Repos

# compute service
NOVA_REPO=${NOVA_REPO:-${GIT_BASE}/openstack/nova.git}
NOVA_BRANCH=${NOVA_BRANCH:-master}

5.3 stack.sh

stack.sh是主脚本，用于安装和配置不同组合的openstack服务。
默认的变量位于stackrc文件，

设置合适的环境变量来改变脚本的选项。
1 export命令设置临时变量：

 export DATABASE_PASSWORD=anothersecret
 ./stack.sh

2 命令行上设置：

DATABASE_PASSWORD=simple ./stack.sh

3 在local.conf中设置永久变量

[[local|localrc]]
DATABASE_PASSWORD=anothersecret
DATABASE_USER=hellaroot

可以不设置任何环境变量，直接运行整个脚本，这会提示输入账户密码和service token。这会在当前目录生成localrc文件，以保存设置(read_password函数)。

因为Horizon中的Apache不服务于root用户，stack.sh必须以非root用户运行，执行$TOP_DIR/tools/create-stack-user.sh创建帐户stack。
过程的输出信息大致总结出了它的执行过程：
1.下载并安装 OpenStack 运行所需要的系统软件，大概包括一些 Python 的组件、MySQL、rabbitmq-server 等。
2.下载 OpenStack 组件，包括 nova 、keystone、glance、noVNC、horizon 等。
3.下载并安装 OpenStack 源码所依赖的 Python 库和框架 。
4.安装 OpenStack 各组件。
5.启动各项服务。

参考：http://blog.csdn.net/zhaihaifei/article/details/40893823

5.4 openrc

openrc配置登录认证信息，以使用命令行工具，如nova, glance等。
执行：source openrc [username] [tenantname]

# Configure a set of credentials for $TENANT/$USERNAME:
#   Set OS_TENANT_NAME to override the default tenant 'demo'
#   Set OS_USERNAME to override the default user name 'demo'
#   Set ADMIN_PASSWORD to set the password for 'admin' and 'demo'

参考：

官网：http://docs.openstack.org/developer/devstack/
DevStack in 1 Minute：http://www.sebastien-han.fr/blog/2013/08/08/devstack-in-1-minute/
nova-network安装: http://networkstatic.net/installing-openstack-grizzly-with-devstack/
Quantum Devstack：http://networkstatic.net/openstack-folsom-quantum-devstack-installation-tutorial/
http://packetpushers.net/openstack-quantum-network-implementation-in-linux/