This is the first part of two part tutorial to manually install and configure controller node in Openstack. The controller node runs the Identity service, Image service, management portions of Compute, management portion of Networking, various Networking agents, and the Dashboard. It also includes supporting services such as an SQL database, message queue, and Network Time Protocol (NTP).

Optionally, the controller node runs portions of the Block Storage, Object Storage, Orchestration, and Telemetry services.

Steps to Install and configure Controller Node in OpenStack - Part 1

 

Below are the core and optional component of the Controller Node. From docs.openstack.org

Steps to Install and configure Controller Node in OpenStack - Part 1

 

Steps to Install and Configure controller node in OpenStack

To install and configure controller node and entire setup of Openstack will be time taking process if done manually so there are alternate ways to automate the configuration and deployment using tools like packstack, devstack and tripleo. I have already shared step by step guide to set up your openstack deployment on virtual machines using packstack and tripleO i.e. Openstack on Openstack.

 

For this article I will use “Queens” release of Openstack. In this article I will cover the below topics

  • Configure Networking
  • Configure NTP
  • Enable OpenStack Repository
  • Install the OpenStack Client
  • Install and configure MariaDB database
  • Secure MariaDB database
  • Install RabbitMQ service
  • Configure Memcached
  • OpenStack keystone service
  • Update Keystone configuration
  • Create Project or Tenant
  • Create environment files

 

Here my setup is running on a Oracle Virtual Box hosted on a Windows 10 host. Below is my setup config

ConfigurationValue
Disk10 GB
Memory4 GB
vCPU2
OSCentOS 7.4
NIC110.0.2.10
NIC2DHCP

 

Configure Networking

My controller IP is "10.0.2.10"

[[email protected] ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:df:87:41 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.10/24 brd 10.0.2.255 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fedf:8741/64 scope link
       valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:95:c3:cd brd ff:ff:ff:ff:ff:ff
    inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth0
       valid_lft 69907sec preferred_lft 69907sec
    inet6 fe80::a00:27ff:fe95:c3cd/64 scope link
       valid_lft forever preferred_lft forever
NOTE:
Here 10.0.3.15 is my external network which is used to connect to Internet for downloading the required packages

I have mapped my hostname, FQDN with IP address for my setup in the hosts file of the controller node. We will do the same on the other nodes once we start working on them

[[email protected] ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.2.10       controller.example.com controller
10.0.2.11       compute.example.com compute
10.0.2.12       network.example.com network
10.0.2.13       storage.example.com storage

For our demo setup we will stop the firewall services

[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

WARNING:

It is important that in a production environment the firewall is enabled, up and running. You must add all the required iptables rules for your openstack services to be reachable across the nodes and within the various services.

OpenStack networking currently does not work on systems that have the Network Manager (NetworkManager) service enabled. The Network Manager service is currently enabled by default on RHEL / CentOS 7. So disable and stop the NetworkManager service.

[[email protected] ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.

[[email protected] ~]# systemctl stop NetworkManager

 

Configure NTP

Install the required ntp daemon if not already available

[[email protected] ~]# yum -y install ntp

Place you NTP server pools in your ntp.conf

server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org

Next restart your ntpd service

[[email protected] ~]# systemctl restart ntpd

Check the ntpd daemon status

[[email protected] ~]# systemctl status ntpd
● ntpd.service - Network Time Service
   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-11-01 21:18:12 IST; 4s ago
  Process: 15456 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 15457 (ntpd)
   CGroup: /system.slice/ntpd.service
           └─15457 /usr/sbin/ntpd -u ntp:ntp -g

Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen and drop on 1 v6wildcard :: UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 2 lo 127.0.0.1 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 3 enp0s3 10.0.2.10 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 4 eth0 10.0.3.15 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 5 lo ::1 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 6 enp0s3 fe80::a00:27ff:fedf:8741 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 7 eth0 fe80::a00:27ff:fe95:c3cd UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listening on routing socket on fd #24 for interface updates
Nov 01 21:18:13 controller.example.com ntpd[15457]: 0.0.0.0 c016 06 restart
Nov 01 21:18:13 controller.example.com ntpd[15457]: 0.0.0.0 c012 02 freq_set kernel 8.476 PPM

Next check if your NTP service is able to connect to it’s peers

[[email protected] ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ns-vultr.nono.i 218.73.139.35    2 u   14   64    1  304.210  5213983   0.000
 hkg1.m-d.net    133.243.238.163  2 u   16   64    1  317.870  5213989   0.000
 ntp.sg.eria.one 10.84.87.146     2 u   18   64    1  208.213  5213990   0.000
 203.95.213.129  193.62.22.74     3 u   19   64    1  601.558  5214001   0.000

 

Enable OpenStack repository

On CentOS, the extras repository provides the RPM that enables the OpenStack repository. CentOS includes the extras repository by default, so you can simply install the package to enable the OpenStack repository.

NOTE:
Since we are installing Queens release, we will install the queen repo from the project
[[email protected] ~]# yum install centos-release-openstack-queens -y

Download and install the RDO repository RPM to enable the OpenStack repository.

[[email protected] ~]# yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-queens/rdo-release-queens-1.noarch.rpm

Lastly our final list of repository required to install and configure controller node in OpenStack are below

[[email protected] ~]# yum repolist
Loaded plugins: fastestmirror, langpacks
Repository rdo-trunk-queens-tested is listed more than once in the configuration
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * extras: centos.excellmedia.net
 * updates: centos.excellmedia.net
repo id                                                             repo name                                                      status
!base/7/x86_64                                                      CentOS-7 - Base                                                  9,911
!centos-ceph-luminous/7/x86_64                                      CentOS-7 - Ceph Luminous                                           184
!centos-openstack-queens/7/x86_64                                   CentOS-7 - OpenStack queens                                    2,447+2
!centos-qemu-ev/7/x86_64                                            CentOS-7 - QEMU EV                                                  63
!extras/7/x86_64                                                    CentOS-7 - Extras                                                  432
!openstack-queens/x86_64                                            OpenStack Queens Repository                                      2,449
!rdo-qemu-ev/x86_64                                                 RDO CentOS-7 - QEMU EV                                              63
!updates/7/x86_64                                                   CentOS-7 - Updates                                               1,614
repolist: 17,163

 

Install the OpenStack client

The "openstackclisent" aka "OSC" is a command line client for openstack which brings the command set for compute, identity, image, object storage and block storage APIs together in a single shell with a uniform command structure. This tool is required to install and configure controller node in OpenStack.

[[email protected] ~]# yum install python-openstackclient -y

 

Install and Configure MariaDB database

Openstack is quite flexible in the database selection, OpenStack supports SQL database engines like MariaDB, MySQL and postgresql. The database service runs on the controller node. For this demo we will use MariaDB so let us go ahead and install MariaDB packages. Along with that we should also install python client libraries for MySQL.

[[email protected] ~]# yum install mariadb mariadb-server python2-PyMySQL

Let us create a new file openstack.cnf inside /etc/my.cnf.d with below content.

[[email protected] ~]# cat /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.2.10
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
character-set-server = utf8

Create a [mysqld] section, and set the bind-address key to the management IP address of the controller node to enable access by other nodes via the management network. Set additional keys to enable useful options and the UTF-8 character set:

Start the database service and configure it to start when the system boots:

[[email protected] ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.

[[email protected] ~]# systemctl start mariadb

Check the status

[[email protected] ~]# systemctl status mariadb
● mariadb.service - MariaDB 10.1 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-11-01 17:23:26 IST; 18h ago
 Main PID: 3364 (mysqld)
   Status: "Taking your SQL requests now..."
   CGroup: /system.slice/mariadb.service
           └─3364 /usr/libexec/mysqld --basedir=/usr

Nov 01 17:23:26 controller.example.com systemd[1]: Starting MariaDB 10.1 database server...
Nov 01 17:23:26 controller.example.com mysql-prepare-db-dir[3327]: Database MariaDB is probably initialized in /var/lib/mysql alre...done.
Nov 01 17:23:26 controller.example.com mysqld[3364]: 2018-11-01 17:23:26 139821793515712 [Note] /usr/libexec/mysqld (mysqld 10.1....64 ...
Nov 01 17:23:26 controller.example.com systemd[1]: Started MariaDB 10.1 database server.
Hint: Some lines were ellipsized, use -l to show in full.

 

Secure MariaDB Database

Execute the below command to set security for your MySQL or MariaDB database in multiple ways like setting root user password, remove root accounts that are accessible from outside the localhost remove anonymous accounts which by default can be accessed by anyone in your account (also anonymous), and privileges that allows anyone to access database with names "test_"

Let us start our script

[[email protected] ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

 

Install RabbitMQ Service

OpenStack uses a message queue to coordinate operations and status information among services. The message queue service typically runs on the controller node.

[[email protected] ~]# yum install rabbitmq-server -y

Start the message queue service and configure it to start when the system boots:

[[email protected] ~]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.


[[email protected] ~]# systemctl start rabbitmq-server.service

Add the openstack user with redhat as the password

[[email protected] ~]# rabbitmqctl add_user openstack redhat
Creating user "openstack" ...

Permit configuration, write, and read access for the openstack user:

[[email protected] ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

 

Configure Memcached

The Identity service authentication mechanism for services uses Memcached to cache tokens. The memcached service typically runs on the controller node.

Install the packages:

[[email protected] ~]# yum install memcached python-memcached -y

Configure the service to use the management IP address of the controller node. This is to enable access by other nodes via the management network:

[[email protected] ~]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"

Start the Memcached service and configure it to start when the system boots:

[[email protected] ~]# systemctl enable memcached.service
[[email protected] ~]# systemctl start memcached.service

 

Openstack keystone Service

The OpenStack Identity service provides a single point of integration for managing authentication, authorization, and a catalog of services.

The Identity service is typically the first service a user interacts with. Once authenticated, an end user can use their identity to access other OpenStack services. Likewise, other OpenStack services leverage the Identity service to ensure users are who they say they are and discover where other services are within the deployment. The Identity service can also integrate with some external user management systems (such as LDAP).

Use the database access client to connect to the database server as the root user:

[[email protected] ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

Create the keystone database:

MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)

Grant proper access to the keystone database:

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
NOTE:
Replace KEYSTONE_DBPASS with your password. For this example my password will be openstack

Exit from the database

MariaDB [(none)]> quit
Bye

 

Update Keystone Configuration

Run the following command to install the packages:

[[email protected] ~]# yum install openstack-keystone openstack-utils httpd mod_wsgi -y

Next configure your keystone configuration file

NOTE:
Replace KEYSTONE_DBPASS with your password. For this example my password will be openstack
[[email protected] ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token b6648ecb74bbcb5d388d
[[email protected] ~]# openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:[email protected]/keystone
[[email protected] ~]# openstack-config --set /etc/keystone/keystone.conf token provider fernet

Synchronize keystone database

[[email protected] ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

Token provider configuration

[[email protected] ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[[email protected] ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

[[email protected] ~]# keystone-manage bootstrap --bootstrap-password redhat --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne

 

Configure Apache HTTP Service

[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
ServerName controller

Create a link to the /usr/share/keystone/wsgi-keystone.conf file:

[[email protected] ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

[[email protected] ~]# systemctl enable httpd.service
[[email protected] ~]# systemctl start httpd.service
[[email protected] ~]# systemctl status httpd.service

Create keystone service entity

[[email protected] ~]# openstack service create --name keystone --description "Openstack Identity" identity
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Openstack Identity               |
| enabled     | True                             |
| id          | 329a0fb8b2a7421fb24c8b7baeefee39 |
| name        | keystone                         |
| type        | identity                         |
+-------------+----------------------------------+

Create keystone service endpoint

[[email protected] ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 42cb3d82acbc47db8e0473b00517bc29 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+

[[email protected] ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 30daf6142c2e4a8abe011b16c5bc0c3c |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+

[[email protected] ~]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0270117e53c04d958e79b33fc247b7a0 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:35357/v3       |
+--------------+----------------------------------+

[[email protected] ~]# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Default Domain                   |
| enabled     | True                             |
| id          | 0267824b7d934264aa9d560e7650681b |
| name        | default                          |
| tags        | []                               |
+-------------+----------------------------------+

 

Create Project or Tenant

[[email protected] ~]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Admin Project                    |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | 8bb9c0b1fa7947778a4f914ea0752cfc |
| is_domain   | False                            |
| name        | admin                            |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create admin user

[[email protected] ~]# openstack user create --domain default --password-prompt admin
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0267824b7d934264aa9d560e7650681b |
| enabled             | True                             |
| id                  | 1774158c0048410ea8114a35b7e2db7e |
| name                | admin                            |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

Create admin role

[[email protected] ~]# openstack role create admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 9c24032c58984e3ea6605b30cb2506c4 |
| name      | admin                            |
+-----------+----------------------------------+

Assign admin user to admin role

[[email protected] ~]# openstack role add --project admin --user admin admin

Create a service project

[[email protected] ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | 28f0fa2db8c1400db3fa514f5c926cc0 |
| is_domain   | False                            |
| name        | service                          |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create demo project

[[email protected] ~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Demo Project                     |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | c651c6b38d6849099dd6ea754a288e39 |
| is_domain   | False                            |
| name        | demo                             |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create demo user

[[email protected] ~]# openstack user create --domain default --password-prompt demo
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0267824b7d934264aa9d560e7650681b |
| enabled             | True                             |
| id                  | c9c4f121493144be98097c67ad9feeb0 |
| name                | demo                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

Create the user role:

[[email protected] ~]# openstack role create user
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 8b2c75041b7149d5a122f9308d71a773 |
| name      | user                             |
+-----------+----------------------------------+

Add the user role to the demo project and user:

[[email protected] ~]# openstack role add --project demo --user demo user

 

Create environment files

Create client environment scripts for the admin and demo projects and users. Future portions of this guide reference these scripts to load appropriate credentials for client operations.

Below is my adminrc file. Replace the OS_PASSWORD value with your admin password

[[email protected] ~]# cat adminrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Load the adminrc file to populate environment variables with the location of the Identity service and the admin project and user credentials:

[[email protected] ~]# source adminrc

Request an authentication token:

[[email protected] ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-10-25T17:03:34+0000                                                                                                                                                                |
| id         | gAAAAABb0elWkG4Q6UZ_NCXqazQAEubroEpeHelbD3UrOAdZsHtcdDJ1n7Fnb2xuGZfBLc74UZznZVA4lOT304SF9N7ZlFlXr39ZHmdlqB6iD1hbARkCkJt2rXARRretqw5vyLK07RXGrVtjFgN5wccU0PiZRgVRFyqkDdHMrcLcicDo1GrQlbg |
| project_id | 8bb9c0b1fa7947778a4f914ea0752cfc                                                                                                                                                        |
| user_id    | 1774158c0048410ea8114a35b7e2db7e                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Similarly below is my demorc file

[[email protected] ~]# cat demorc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Load the demorc file to populate environment variables with the location of the Identity service and the demo project and user credentials:

[[email protected] ~]# source demorc

Request an authentication token:

[[email protected] ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-10-25T17:08:07+0000                                                                                                                                                                |
| id         | gAAAAABb0epn7oHBEcsoApMqFT3bQ9aMtE-n4lJ_rnRmFuuAlPuQ4Pgel2QfsVEywwTgSxEzeBFT3NVkBJ3Y2pD8VhJPSSn_EjrNudGa9M9UQlRaXLJmT30hokWHwD2Xz5LfuTAdjuaW0KWK-mS1L8X0jja-d-iECmNR9JY74YVIcTuDWaYMh2M |
| project_id | c651c6b38d6849099dd6ea754a288e39                                                                                                                                                        |
| user_id    | c9c4f121493144be98097c67ad9feeb0                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

 

In the next article I will continue the steps to Install and Configure Controller node in OpenStack where I will share the steps to configure rest of the mandatory services on controller node.

 

Leave a Reply

Your email address will not be published. Required fields are marked *