Steps to Install and configure Controller Node in OpenStack - Part 1


How To

This is the first part of two part tutorial to manually install and configure controller node in Openstack. The controller node runs the Identity service, Image service, management portions of Compute, management portion of Networking, various Networking agents, and the Dashboard. It also includes supporting services such as an SQL database, message queue, and Network Time Protocol (NTP).

Optionally, the controller node runs portions of the Block Storage, Object Storage, Orchestration, and Telemetry services.

Steps to Install and configure Controller Node in OpenStack - Part 1

 

Below are the core and optional component of the Controller Node. From docs.openstack.org

Steps to Install and configure Controller Node in OpenStack - Part 1

 

Steps to Install and Configure controller node in OpenStack

To install and configure controller node and entire setup of Openstack will be time taking process if done manually so there are alternate ways to automate the configuration and deployment using tools like packstack, devstack and tripleo. I have already shared step by step guide to set up your openstack deployment on virtual machines using packstack and tripleO i.e. Openstack on Openstack.

 

For this article I will use "Queens" release of Openstack. In this article I will cover the below topics

  • Configure Networking
  • Configure NTP
  • Enable OpenStack Repository
  • Install the OpenStack Client
  • Install and configure MariaDB database
  • Secure MariaDB database
  • Install RabbitMQ service
  • Configure Memcached
  • OpenStack keystone service
  • Update Keystone configuration
  • Create Project or Tenant
  • Create environment files

 

Here my setup is running on a Oracle Virtual Box hosted on a Windows 10 host. Below is my setup config

Configuration Value
Disk 10 GB
Memory 4 GB
vCPU 2
OS CentOS 7.4
NIC1 10.0.2.10
NIC2 DHCP

 

Configure Networking

My controller IP is "10.0.2.10"

[root@controller ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:df:87:41 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.10/24 brd 10.0.2.255 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fedf:8741/64 scope link
       valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:95:c3:cd brd ff:ff:ff:ff:ff:ff
    inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth0
       valid_lft 69907sec preferred_lft 69907sec
    inet6 fe80::a00:27ff:fe95:c3cd/64 scope link
       valid_lft forever preferred_lft forever
NOTE:
Here 10.0.3.15 is my external network which is used to connect to Internet for downloading the required packages

I have mapped my hostname, FQDN with IP address for my setup in the hosts file of the controller node. We will do the same on the other nodes once we start working on them

[root@controller ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.2.10       controller.example.com controller
10.0.2.11       compute.example.com compute
10.0.2.12       network.example.com network
10.0.2.13       storage.example.com storage

For our demo setup we will stop the firewall services

[root@controller ~]# systemctl stop firewalld
[root@controller ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
WARNING:
It is important that in a production environment the firewall is enabled, up and running. You must add all the required iptables rules for your openstack services to be reachable across the nodes and within the various services.

OpenStack networking currently does not work on systems that have the Network Manager (NetworkManager) service enabled. The Network Manager service is currently enabled by default on RHEL / CentOS 7. So disable and stop the NetworkManager service.

[root@controller ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.

[root@controller ~]# systemctl stop NetworkManager

 

Configure NTP

Install the required ntp daemon if not already available

[root@controller ~]# yum -y install ntp

Place you NTP server pools in your ntp.conf

server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org

Next restart your ntpd service

[root@controller ~]# systemctl restart ntpd

Check the ntpd daemon status

[root@controller ~]# systemctl status ntpd
● ntpd.service - Network Time Service
   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-11-01 21:18:12 IST; 4s ago
  Process: 15456 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 15457 (ntpd)
   CGroup: /system.slice/ntpd.service
           └─15457 /usr/sbin/ntpd -u ntp:ntp -g

Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen and drop on 1 v6wildcard :: UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 2 lo 127.0.0.1 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 3 enp0s3 10.0.2.10 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 4 eth0 10.0.3.15 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 5 lo ::1 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 6 enp0s3 fe80::a00:27ff:fedf:8741 UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listen normally on 7 eth0 fe80::a00:27ff:fe95:c3cd UDP 123
Nov 01 21:18:12 controller.example.com ntpd[15457]: Listening on routing socket on fd #24 for interface updates
Nov 01 21:18:13 controller.example.com ntpd[15457]: 0.0.0.0 c016 06 restart
Nov 01 21:18:13 controller.example.com ntpd[15457]: 0.0.0.0 c012 02 freq_set kernel 8.476 PPM

Next check if your NTP service is able to connect to it's peers

[root@controller ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ns-vultr.nono.i 218.73.139.35    2 u   14   64    1  304.210  5213983   0.000
 hkg1.m-d.net    133.243.238.163  2 u   16   64    1  317.870  5213989   0.000
 ntp.sg.eria.one 10.84.87.146     2 u   18   64    1  208.213  5213990   0.000
 203.95.213.129  193.62.22.74     3 u   19   64    1  601.558  5214001   0.000

 

Enable OpenStack repository

On CentOS, the extras repository provides the RPM that enables the OpenStack repository. CentOS includes the extras repository by default, so you can simply install the package to enable the OpenStack repository.

NOTE:
Since we are installing Queens release, we will install the queen repo from the project
[root@controller ~]# yum install centos-release-openstack-queens -y

Download and install the RDO repository RPM to enable the OpenStack repository.

[root@controller ~]# yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-queens/rdo-release-queens-1.noarch.rpm

Lastly our final list of repository required to install and configure controller node in OpenStack are below

[root@controller ~]# yum repolist
Loaded plugins: fastestmirror, langpacks
Repository rdo-trunk-queens-tested is listed more than once in the configuration
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * extras: centos.excellmedia.net
 * updates: centos.excellmedia.net
repo id                                                             repo name                                                      status
!base/7/x86_64                                                      CentOS-7 - Base                                                  9,911
!centos-ceph-luminous/7/x86_64                                      CentOS-7 - Ceph Luminous                                           184
!centos-openstack-queens/7/x86_64                                   CentOS-7 - OpenStack queens                                    2,447+2
!centos-qemu-ev/7/x86_64                                            CentOS-7 - QEMU EV                                                  63
!extras/7/x86_64                                                    CentOS-7 - Extras                                                  432
!openstack-queens/x86_64                                            OpenStack Queens Repository                                      2,449
!rdo-qemu-ev/x86_64                                                 RDO CentOS-7 - QEMU EV                                              63
!updates/7/x86_64                                                   CentOS-7 - Updates                                               1,614
repolist: 17,163

 

Install the OpenStack client

The "openstackclisent" aka "OSC" is a command line client for openstack which brings the command set for compute, identity, image, object storage and block storage APIs together in a single shell with a uniform command structure. This tool is required to install and configure controller node in OpenStack.

[root@controller ~]# yum install python-openstackclient -y

 

Install and Configure MariaDB database

Openstack is quite flexible in the database selection, OpenStack supports SQL database engines like MariaDB, MySQL and postgresql. The database service runs on the controller node. For this demo we will use MariaDB so let us go ahead and install MariaDB packages. Along with that we should also install python client libraries for MySQL.

[root@controller ~]# yum install mariadb mariadb-server python2-PyMySQL

Let us create a new file openstack.cnf inside /etc/my.cnf.d with below content.

[root@controller ~]# cat /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.2.10
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
character-set-server = utf8

Create a [mysqld] section, and set the bind-address key to the management IP address of the controller node to enable access by other nodes via the management network. Set additional keys to enable useful options and the UTF-8 character set:

Start the database service and configure it to start when the system boots:

[root@controller ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.

[root@controller ~]# systemctl start mariadb

Check the status

[root@controller ~]# systemctl status mariadb
● mariadb.service - MariaDB 10.1 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-11-01 17:23:26 IST; 18h ago
 Main PID: 3364 (mysqld)
   Status: "Taking your SQL requests now..."
   CGroup: /system.slice/mariadb.service
           └─3364 /usr/libexec/mysqld --basedir=/usr

Nov 01 17:23:26 controller.example.com systemd[1]: Starting MariaDB 10.1 database server...
Nov 01 17:23:26 controller.example.com mysql-prepare-db-dir[3327]: Database MariaDB is probably initialized in /var/lib/mysql alre...done.
Nov 01 17:23:26 controller.example.com mysqld[3364]: 2018-11-01 17:23:26 139821793515712 [Note] /usr/libexec/mysqld (mysqld 10.1....64 ...
Nov 01 17:23:26 controller.example.com systemd[1]: Started MariaDB 10.1 database server.
Hint: Some lines were ellipsized, use -l to show in full.

 

Secure MariaDB Database

Execute the below command to set security for your MySQL or MariaDB database in multiple ways like setting root user password, remove root accounts that are accessible from outside the localhost remove anonymous accounts which by default can be accessed by anyone in your account (also anonymous), and privileges that allows anyone to access database with names "test_"

Let us start our script

[root@controller ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

 

Install RabbitMQ Service

OpenStack uses a message queue to coordinate operations and status information among services. The message queue service typically runs on the controller node.

[root@controller ~]# yum install rabbitmq-server -y

Start the message queue service and configure it to start when the system boots:

[root@controller ~]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.


[root@controller ~]# systemctl start rabbitmq-server.service

Add the openstack user with redhat as the password

[root@controller ~]# rabbitmqctl add_user openstack redhat
Creating user "openstack" ...

Permit configuration, write, and read access for the openstack user:

[root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

 

Configure Memcached

The Identity service authentication mechanism for services uses Memcached to cache tokens. The memcached service typically runs on the controller node.

Install the packages:

[root@controller ~]# yum install memcached python-memcached -y

Configure the service to use the management IP address of the controller node. This is to enable access by other nodes via the management network:

[root@controller ~]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"

Start the Memcached service and configure it to start when the system boots:

[root@controller ~]# systemctl enable memcached.service
[root@controller ~]# systemctl start memcached.service

 

Openstack keystone Service

The OpenStack Identity service provides a single point of integration for managing authentication, authorization, and a catalog of services.

The Identity service is typically the first service a user interacts with. Once authenticated, an end user can use their identity to access other OpenStack services. Likewise, other OpenStack services leverage the Identity service to ensure users are who they say they are and discover where other services are within the deployment. The Identity service can also integrate with some external user management systems (such as LDAP).

Use the database access client to connect to the database server as the root user:

[root@controller ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or g.
Your MariaDB connection id is 10
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

Create the keystone database:

MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)

Grant proper access to the keystone database:

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
NOTE:
Replace KEYSTONE_DBPASS with your password. For this example my password will be openstack

Exit from the database

MariaDB [(none)]> quit
Bye

 

Update Keystone Configuration

Run the following command to install the packages:

[root@controller ~]# yum install openstack-keystone openstack-utils httpd mod_wsgi -y

Next configure your keystone configuration file

NOTE:
Replace KEYSTONE_DBPASS with your password. For this example my password will be openstack
[root@controller ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token b6648ecb74bbcb5d388d
[root@controller ~]# openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[root@controller ~]# openstack-config --set /etc/keystone/keystone.conf token provider fernet

Synchronize keystone database

[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

Token provider configuration

[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

[root@controller ~]# keystone-manage bootstrap --bootstrap-password redhat --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne

 

Configure Apache HTTP Service

[root@controller ~]# vim /etc/httpd/conf/httpd.conf
ServerName controller

Create a link to the /usr/share/keystone/wsgi-keystone.conf file:

[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

[root@controller ~]# systemctl enable httpd.service
[root@controller ~]# systemctl start httpd.service
[root@controller ~]# systemctl status httpd.service

Create keystone service entity

[root@controller ~]# openstack service create --name keystone --description "Openstack Identity" identity
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Openstack Identity               |
| enabled     | True                             |
| id          | 329a0fb8b2a7421fb24c8b7baeefee39 |
| name        | keystone                         |
| type        | identity                         |
+-------------+----------------------------------+

Create keystone service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 42cb3d82acbc47db8e0473b00517bc29 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+

[root@controller ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 30daf6142c2e4a8abe011b16c5bc0c3c |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:5000/v3        |
+--------------+----------------------------------+

[root@controller ~]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v3
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0270117e53c04d958e79b33fc247b7a0 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 329a0fb8b2a7421fb24c8b7baeefee39 |
| service_name | keystone                         |
| service_type | identity                         |
| url          | http://controller:35357/v3       |
+--------------+----------------------------------+

[root@controller ~]# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Default Domain                   |
| enabled     | True                             |
| id          | 0267824b7d934264aa9d560e7650681b |
| name        | default                          |
| tags        | []                               |
+-------------+----------------------------------+

 

Create Project or Tenant

[root@controller ~]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Admin Project                    |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | 8bb9c0b1fa7947778a4f914ea0752cfc |
| is_domain   | False                            |
| name        | admin                            |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create admin user

[root@controller ~]# openstack user create --domain default --password-prompt admin
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0267824b7d934264aa9d560e7650681b |
| enabled             | True                             |
| id                  | 1774158c0048410ea8114a35b7e2db7e |
| name                | admin                            |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

Create admin role

[root@controller ~]# openstack role create admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 9c24032c58984e3ea6605b30cb2506c4 |
| name      | admin                            |
+-----------+----------------------------------+

Assign admin user to admin role

[root@controller ~]# openstack role add --project admin --user admin admin

Create a service project

[root@controller ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | 28f0fa2db8c1400db3fa514f5c926cc0 |
| is_domain   | False                            |
| name        | service                          |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create demo project

[root@controller ~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Demo Project                     |
| domain_id   | 0267824b7d934264aa9d560e7650681b |
| enabled     | True                             |
| id          | c651c6b38d6849099dd6ea754a288e39 |
| is_domain   | False                            |
| name        | demo                             |
| parent_id   | 0267824b7d934264aa9d560e7650681b |
| tags        | []                               |
+-------------+----------------------------------+

Create demo user

[root@controller ~]# openstack user create --domain default --password-prompt demo
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0267824b7d934264aa9d560e7650681b |
| enabled             | True                             |
| id                  | c9c4f121493144be98097c67ad9feeb0 |
| name                | demo                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

Create the user role:

[root@controller ~]# openstack role create user
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 8b2c75041b7149d5a122f9308d71a773 |
| name      | user                             |
+-----------+----------------------------------+

Add the user role to the demo project and user:

[root@controller ~]# openstack role add --project demo --user demo user

 

Create environment files

Create client environment scripts for the admin and demo projects and users. Future portions of this guide reference these scripts to load appropriate credentials for client operations.

Below is my adminrc file. Replace the OS_PASSWORD value with your admin password

[root@controller ~]# cat adminrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Load the adminrc file to populate environment variables with the location of the Identity service and the admin project and user credentials:

[root@controller ~]# source adminrc

Request an authentication token:

[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-10-25T17:03:34+0000                                                                                                                                                                |
| id         | gAAAAABb0elWkG4Q6UZ_NCXqazQAEubroEpeHelbD3UrOAdZsHtcdDJ1n7Fnb2xuGZfBLc74UZznZVA4lOT304SF9N7ZlFlXr39ZHmdlqB6iD1hbARkCkJt2rXARRretqw5vyLK07RXGrVtjFgN5wccU0PiZRgVRFyqkDdHMrcLcicDo1GrQlbg |
| project_id | 8bb9c0b1fa7947778a4f914ea0752cfc                                                                                                                                                        |
| user_id    | 1774158c0048410ea8114a35b7e2db7e                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Similarly below is my demorc file

[root@controller ~]# cat demorc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Load the demorc file to populate environment variables with the location of the Identity service and the demo project and user credentials:

[root@controller ~]# source demorc

Request an authentication token:

[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2018-10-25T17:08:07+0000                                                                                                                                                                |
| id         | gAAAAABb0epn7oHBEcsoApMqFT3bQ9aMtE-n4lJ_rnRmFuuAlPuQ4Pgel2QfsVEywwTgSxEzeBFT3NVkBJ3Y2pD8VhJPSSn_EjrNudGa9M9UQlRaXLJmT30hokWHwD2Xz5LfuTAdjuaW0KWK-mS1L8X0jja-d-iECmNR9JY74YVIcTuDWaYMh2M |
| project_id | c651c6b38d6849099dd6ea754a288e39                                                                                                                                                        |
| user_id    | c9c4f121493144be98097c67ad9feeb0                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

 

In the next article I will continue the steps to Install and Configure Controller node in OpenStack where I will share the steps to configure rest of the mandatory services on controller node.

 

Deepak Prasad

Deepak Prasad

He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment